Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-03 | CVE-2020-8108 | Improper Authentication vulnerability in Bitdefender Endpoint Security Improper Authentication vulnerability in Bitdefender Endpoint Security for Mac allows an unprivileged process to restart the main service and potentially inject third-party code into a trusted process. | 8.8 |
| 2020-07-31 | CVE-2020-5384 | Improper Authentication vulnerability in RSA Multifactor Authentication Agent 2.0 Authentication Bypass Vulnerability RSA MFA Agent 2.0 for Microsoft Windows contains an Authentication Bypass vulnerability. | 8.4 |
| 2020-07-30 | CVE-2020-14158 | Improper Authentication vulnerability in Abus Secvest Hybrid Fumo50110 Firmware The ABUS Secvest FUMO50110 hybrid module does not have any security mechanism that ensures confidentiality or integrity of RF packets that are exchanged with an alarm panel. | 9.1 |
| 2020-07-30 | CVE-2020-8206 | Improper Authentication vulnerability in multiple products An improper authentication vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP. | 8.1 |
| 2020-07-29 | CVE-2019-20033 | Improper Authentication vulnerability in NEC Sv8100 Firmware On Aspire-derived NEC PBXes, including all versions of SV8100 devices, a set of documented, static login credentials may be used to access the DIM interface. | 9.8 |
| 2020-07-29 | CVE-2019-20027 | Improper Authentication vulnerability in NEC products Aspire-derived NEC PBXes, including the SV8100, SV9100, SL1100 and SL2100 with software releases 7.0 or higher contain the possibility if incorrectly configured to allow a blank username and password combination to be entered as a valid, successfully authenticating account. | 9.8 |
| 2020-07-28 | CVE-2020-16088 | Improper Authentication vulnerability in Openbsd iked in OpenIKED, as used in OpenBSD through 6.7, allows authentication bypass because ca.c has the wrong logic for checking whether a public key matches. | 9.8 |
| 2020-07-27 | CVE-2020-9077 | Improper Authentication vulnerability in Huawei P30 Firmware HUAWEI P30 smart phones with versions earlier than 10.1.0.160(C00E160R2P11) have an information exposure vulnerability. | 3.3 |
| 2020-07-24 | CVE-2020-8207 | Improper Authentication vulnerability in Citrix Workspace 1912/2002 Improper access control in Citrix Workspace app for Windows 1912 CU1 and 2006.1 causes privilege escalation and code execution when the automatic updater service is running. | 8.8 |
| 2020-07-24 | CVE-2020-15921 | Improper Authentication vulnerability in Midasolutions Eframework 2.8.0/2.8.9/2.9.0 Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution. | 9.8 |