Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-07 | CVE-2020-25867 | Improper Authentication vulnerability in Soplanning SoPlanning before 1.47 doesn't correctly check the security key used to publicly share plannings. | 5.3 |
| 2020-10-02 | CVE-2020-12126 | Improper Authentication vulnerability in Wavlink Wn530H4 Firmware M30H4.V5030.190403 Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to leak router settings, change configuration variables, and cause denial of service via an unauthenticated endpoint. | 9.8 |
| 2020-10-02 | CVE-2020-26511 | Improper Authentication vulnerability in Wpo365 Wordpress + Azure AD / Microsoft Office 365 The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. | 7.5 |
| 2020-09-30 | CVE-2018-11765 | Improper Authentication vulnerability in Apache Hadoop In Apache Hadoop versions 3.0.0-alpha2 to 3.0.0, 2.9.0 to 2.9.2, 2.8.0 to 2.8.5, any users can access some servlets without authentication when Kerberos authentication is enabled and SPNEGO through HTTP is not enabled. | 7.5 |
| 2020-09-29 | CVE-2020-24563 | Improper Authentication vulnerability in Trendmicro Apex ONE 2019/Saas A vulnerability in Trend Micro Apex One may allow a local attacker to manipulate the process of the security agent unload option (if configured), which then could be manipulated to gain a privilege escalation and code execution. | 7.8 |
| 2020-09-25 | CVE-2020-26105 | Improper Authentication vulnerability in Cpanel In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554). | 9.8 |
| 2020-09-25 | CVE-2020-26101 | Improper Authentication vulnerability in Cpanel In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549). | 9.8 |
| 2020-09-23 | CVE-2019-15993 | Improper Authentication vulnerability in Cisco products A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information. | 5.3 |
| 2020-09-23 | CVE-2019-16028 | Improper Authentication vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. | 9.8 |
| 2020-09-18 | CVE-2020-8253 | Improper Authentication vulnerability in Citrix Xenmobile Server Improper authentication in Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6 and Citrix XenMobile Server before 10.9 RP5 leads to the ability to access sensitive files. | 7.5 |