| 2025-02-19 | CVE-2025-21355 | Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network | 8.6 |
| 2025-02-12 | CVE-2025-0108 | Missing Authentication for Critical Function vulnerability in Paloaltonetworks Pan-Os
An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. | 9.1 |
| 2025-02-08 | CVE-2024-54176 | IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function. | 4.3 |
| 2025-01-22 | CVE-2024-12857 | Missing Authentication for Critical Function vulnerability in Scriptsbundle Adforest
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.8. | 9.8 |
| 2025-01-21 | CVE-2025-24456 | Missing Authentication for Critical Function vulnerability in Jetbrains HUB
In JetBrains Hub before 2024.3.55417 privilege escalation was possible via LDAP authentication mapping | 8.8 |
| 2025-01-16 | CVE-2025-0456 | The airPASS from NetVision Information has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access the specific administrative functionality to retrieve * all accounts and passwords. network low complexity CWE-306 critical | 9.8 |
| 2025-01-14 | CVE-2024-35277 | Missing Authentication for Critical Function vulnerability in Fortinet Fortimanager and Fortimanager Cloud
A missing authentication for critical function in Fortinet FortiPortal version 6.0.0 through 6.0.15, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to access to the configuration of the managed devices by sending specifically crafted packets | 7.5 |
| 2024-12-31 | CVE-2024-12106 | Missing Authentication for Critical Function vulnerability in Progress Whatsup Gold
In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP settings. | 7.5 |
| 2024-12-10 | CVE-2024-11639 | Missing Authentication for Critical Function vulnerability in Ivanti Cloud Services Appliance 4.5/4.6/5.0
An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access | 9.8 |
| 2024-12-04 | CVE-2024-54153 | Missing Authentication for Critical Function vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible via vulnerable query parameter | 6.5 |