Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2025-03-11 CVE-2024-52285 A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.8), SiPass integrated ACC-AP (All versions < V6.4.8).
network
low complexity
CWE-306
5.3
2025-03-11 CVE-2025-23194 SAP NetWeaver Enterprise Portal OBN does not perform proper authentication check for a particular configuration setting.
network
low complexity
CWE-306
5.3
2025-02-19 CVE-2025-21355 Missing Authentication for Critical Function vulnerability in Microsoft Bing
Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network
network
low complexity
microsoft CWE-306
critical
9.8
2025-02-13 CVE-2025-24865 Missing Authentication for Critical Function vulnerability in Myscada Mypro
The administrative web interface of mySCADA myPRO Manager can be accessed without authentication which could allow an unauthorized attacker to retrieve sensitive information and upload files without the associated password.
network
low complexity
myscada CWE-306
critical
9.8
2025-02-12 CVE-2025-0108 Missing Authentication for Critical Function vulnerability in Paloaltonetworks Pan-Os
An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts.
network
low complexity
paloaltonetworks CWE-306
critical
9.1
2025-02-08 CVE-2024-54176 IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function.
network
low complexity
CWE-306
4.3
2025-01-22 CVE-2024-12857 Missing Authentication for Critical Function vulnerability in Scriptsbundle Adforest
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.8.
network
low complexity
scriptsbundle CWE-306
critical
9.8
2025-01-21 CVE-2025-24456 Missing Authentication for Critical Function vulnerability in Jetbrains HUB
In JetBrains Hub before 2024.3.55417 privilege escalation was possible via LDAP authentication mapping
network
low complexity
jetbrains CWE-306
8.8
2025-01-16 CVE-2025-0456 The airPASS from NetVision Information has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access the specific administrative functionality to retrieve * all accounts and passwords.
network
low complexity
CWE-306
critical
9.8
2025-01-14 CVE-2024-35277 Missing Authentication for Critical Function vulnerability in Fortinet Fortimanager and Fortimanager Cloud
A missing authentication for critical function in Fortinet FortiPortal version 6.0.0 through 6.0.15, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to access to the configuration of the managed devices by sending specifically crafted packets
network
low complexity
fortinet CWE-306
7.5