Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-08 | CVE-2021-27522 | Improper Authentication vulnerability in Learnsite Project Learnsite 1.2.5.0 Learnsite 1.2.5.0 contains a remote privilege escalation vulnerability in /Manager/index.aspx through the JudgIsAdmin() function. | 8.8 |
| 2021-04-08 | CVE-2021-28174 | Improper Authentication vulnerability in Mitake Smart Stock Selection 20200623 Mitake smart stock selection system contains a broken authentication vulnerability. | 6.5 |
| 2021-04-08 | CVE-2021-1472 | Improper Authentication vulnerability in Cisco products Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. | 9.8 |
| 2021-04-06 | CVE-2021-30158 | Improper Authentication vulnerability in multiple products An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. | 5.3 |
| 2021-04-05 | CVE-2021-24175 | Improper Authentication vulnerability in Posimyth the Plus Addons for Elementor The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.7 was being actively exploited to by malicious actors to bypass authentication, allowing unauthenticated users to log in as any user (including admin) by just providing the related username, as well as create accounts with arbitrary roles, such as admin. | 9.8 |
| 2021-04-02 | CVE-2019-20464 | Improper Authentication vulnerability in Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 Firmware An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. | 7.5 |
| 2021-04-02 | CVE-2021-29012 | Improper Authentication vulnerability in Dmasoftlab DMA Radius Manager 4.4.0 DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. | 9.8 |
| 2021-04-01 | CVE-2021-23923 | Improper Authentication vulnerability in Devolutions Server An issue was discovered in Devolutions Server before 2020.3. | 8.1 |
| 2021-04-01 | CVE-2021-21982 | Improper Authentication vulnerability in VMWare Carbon Black Cloud Workload 1.0/1.0.1 VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01 has an authentication bypass vulnerability that may allow a malicious actor with network access to the administrative interface of the VMware Carbon Black Cloud Workload appliance to obtain a valid authentication token. | 9.1 |
| 2021-03-29 | CVE-2019-5317 | Improper Authentication vulnerability in multiple products A local authentication bypass vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.15 and below; Aruba Instant 8.3.x: 8.3.0.11 and below; Aruba Instant 8.4.x: 8.4.0.5 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below. | 6.8 |