Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-03 | CVE-2023-43551 | Improper Authentication vulnerability in Qualcomm products Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. | 7.5 |
| 2024-05-15 | CVE-2024-3487 | Improper Authentication vulnerability in Microfocus Imanager Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass authentication. | 9.8 |
| 2024-05-07 | CVE-2024-20856 | Improper Authentication vulnerability in Samsung Android 14.0 Improper Authentication vulnerability in Secure Folder prior to SMR May-2024 Release 1 allows physical attackers to access Secure Folder without proper authentication in a specific scenario. | 4.3 |
| 2024-04-25 | CVE-2024-4024 | Improper Authentication vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. | 8.8 |
| 2024-03-13 | CVE-2023-38534 | Improper Authentication vulnerability in Opentext Exceed Turbox 12.5.0/12.5.1 Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and 12.5.1. | 7.5 |
| 2024-03-08 | CVE-2024-23255 | Improper Authentication vulnerability in Apple Ipad OS and Iphone OS An authentication issue was addressed with improved state management. | 2.4 |
| 2024-02-22 | CVE-2023-52160 | Improper Authentication vulnerability in multiple products The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. | 6.5 |
| 2024-02-22 | CVE-2023-52161 | Improper Authentication vulnerability in Intel Inet Wireless Daemon The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. | 7.5 |
| 2024-02-16 | CVE-2023-6451 | Improper Authentication vulnerability in Alayacare Procura Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows attackers to forge their own authentication cookies and bypass the application's authentication mechanisms. | 7.5 |
| 2024-02-13 | CVE-2024-23813 | Improper Authentication vulnerability in Siemens Polarion ALM 21.0/2304.0 A vulnerability has been identified in Polarion ALM (All versions < V2404.0). | 9.8 |