Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-13 | CVE-2020-8708 | Improper Authentication vulnerability in Intel products Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | 8.8 |
| 2020-08-12 | CVE-2020-13290 | Improper Authentication vulnerability in Gitlab In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page | 7.2 |
| 2020-08-10 | CVE-2020-13292 | Improper Authentication vulnerability in Gitlab In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow. | 9.6 |
| 2020-08-07 | CVE-2020-15063 | Improper Authentication vulnerability in Digitus Da-70254 Firmware 2.073.000.E0008 DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter. | 8.8 |
| 2020-08-07 | CVE-2020-15059 | Improper Authentication vulnerability in Lindy-International 42633 Firmware 2.078.000 Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter. | 8.8 |
| 2020-08-07 | CVE-2020-15055 | Improper Authentication vulnerability in Tp-Link Tl-Ps310U Firmware TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter. | 8.8 |
| 2020-08-07 | CVE-2020-16169 | Improper Authentication vulnerability in Robotemi Robox OS 117.21/119.24 Authentication Bypass Using an Alternate Path or Channel in temi Robox OS prior to120, temi Android app up to 1.3.7931 allows remote attackers to gain elevated privileges on the temi and have it automatically answer the attacker's calls, granting audio, video, and motor control via unspecified vectors. | 9.8 |
| 2020-08-06 | CVE-2020-13365 | Improper Authentication vulnerability in Zyxel products Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. | 8.8 |
| 2020-08-05 | CVE-2020-5608 | Improper Authentication vulnerability in Yokogawa products CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to bypass authentication and send altered communication packets via unspecified vectors. | 9.8 |
| 2020-08-04 | CVE-2020-5616 | Improper Authentication vulnerability in multiple products [Calendar01], [Calendar02], [PKOBO-News01], [PKOBO-vote01], [Telop01], [Gallery01], [CalendarForm01], and [Link01] [Calendar01] free edition ver1.0.0, [Calendar02] free edition ver1.0.0, [PKOBO-News01] free edition ver1.0.3 and earlier, [PKOBO-vote01] free edition ver1.0.1 and earlier, [Telop01] free edition ver1.0.0, [Gallery01] free edition ver1.0.3 and earlier, [CalendarForm01] free edition ver1.0.3 and earlier, and [Link01] free edition ver1.0.0 allows remote attackers to bypass authentication and log in to the product with administrative privileges via unspecified vectors. network low complexity calendar02-project calendar01-project link01-project calendarform01-project gallery01-project telop01-project pkobo-vote01-project pkobo-news01-project CWE-287 critical | 9.8 |