Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2024-04-25 CVE-2024-4024 Improper Authentication vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1.
network
low complexity
gitlab CWE-287
8.8
2024-03-13 CVE-2023-38534 Improper Authentication vulnerability in Opentext Exceed Turbox 12.5.0/12.5.1
Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and 12.5.1.
network
low complexity
opentext CWE-287
7.5
2024-03-08 CVE-2024-23255 Improper Authentication vulnerability in Apple Ipad OS and Iphone OS
An authentication issue was addressed with improved state management.
low complexity
apple CWE-287
2.4
2024-02-22 CVE-2023-52160 Improper Authentication vulnerability in multiple products
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass.
network
low complexity
debian redhat fedoraproject w1-fi CWE-287
6.5
2024-02-22 CVE-2023-52161 Improper Authentication vulnerability in Intel Inet Wireless Daemon
The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network.
network
low complexity
intel CWE-287
7.5
2024-02-16 CVE-2023-6451 Improper Authentication vulnerability in Alayacare Procura
Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows attackers to forge their own authentication cookies and bypass the application's authentication mechanisms.
network
low complexity
alayacare CWE-287
7.5
2024-02-13 CVE-2024-23813 Improper Authentication vulnerability in Siemens Polarion ALM 21.0/2304.0
A vulnerability has been identified in Polarion ALM (All versions < V2404.0).
network
low complexity
siemens CWE-287
critical
9.8
2024-02-09 CVE-2024-25313 Improper Authentication vulnerability in Code-Projects Simple School Management System 1.0
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacher_login.php.
network
low complexity
code-projects CWE-287
8.8
2024-02-09 CVE-2023-51761 Improper Authentication vulnerability in Emerson products
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could bypass authentication and acquire admin capabilities.
network
high complexity
emerson CWE-287
8.1
2024-02-08 CVE-2024-24496 Improper Authentication vulnerability in Remyandrade Daily Habit Tracker 1.0
An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the home.php, add-tracker.php, delete-tracker.php, update-tracker.php components.
network
low complexity
remyandrade CWE-287
critical
9.8