Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-14 | CVE-2021-27990 | Improper Authentication vulnerability in Appspace 6.2.4 Appspace 6.2.4 is vulnerable to a broken authentication mechanism where pages such as /medianet/mail.aspx can be called directly and the framework is exposed with layouts, menus and functionalities. | 7.5 |
| 2021-04-13 | CVE-2021-21399 | Improper Authentication vulnerability in Ampache Ampache is a web based audio/video streaming application and file manager. | 7.5 |
| 2021-04-12 | CVE-2021-22497 | Improper Authentication vulnerability in Microfocus Netiq Advanced Authentication Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue. | 7.2 |
| 2021-04-10 | CVE-2021-20020 | Improper Authentication vulnerability in Sonicwall Global Management System 9.3 A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root. | 9.8 |
| 2021-04-08 | CVE-2021-22507 | Improper Authentication vulnerability in Microfocus Operations Bridge Manager Authentication bypass vulnerability in Micro Focus Operations Bridge Manager affects versions 2019.05, 2019.11, 2020.05 and 2020.10. | 9.8 |
| 2021-04-08 | CVE-2021-27522 | Improper Authentication vulnerability in Learnsite Project Learnsite 1.2.5.0 Learnsite 1.2.5.0 contains a remote privilege escalation vulnerability in /Manager/index.aspx through the JudgIsAdmin() function. | 8.8 |
| 2021-04-08 | CVE-2021-28174 | Improper Authentication vulnerability in Mitake Smart Stock Selection 20200623 Mitake smart stock selection system contains a broken authentication vulnerability. | 6.5 |
| 2021-04-08 | CVE-2021-1472 | Improper Authentication vulnerability in Cisco products Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. | 9.8 |
| 2021-04-06 | CVE-2021-30158 | Improper Authentication vulnerability in multiple products An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. | 5.3 |
| 2021-04-05 | CVE-2021-24175 | Improper Authentication vulnerability in Posimyth the Plus Addons for Elementor The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.7 was being actively exploited to by malicious actors to bypass authentication, allowing unauthenticated users to log in as any user (including admin) by just providing the related username, as well as create accounts with arbitrary roles, such as admin. | 9.8 |