Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2024-10-28 CVE-2024-50477 Missing Authentication for Critical Function vulnerability in Stacksmarket Stacks Mobile APP Builder
Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication Bypass.This issue affects Stacks Mobile App Builder: from n/a through 5.2.3.
network
low complexity
stacksmarket CWE-306
critical
9.8
2024-10-28 CVE-2024-50486 Missing Authentication for Critical Function vulnerability in Acnoo Flutter API
Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API allows Authentication Bypass.This issue affects Acnoo Flutter API: from n/a through 1.0.5.
network
low complexity
acnoo CWE-306
critical
9.8
2024-10-28 CVE-2024-50487 Missing Authentication for Critical Function vulnerability in Maantheme Maanstore API
Authentication Bypass Using an Alternate Path or Channel vulnerability in MaanTheme MaanStore API allows Authentication Bypass.This issue affects MaanStore API: from n/a through 1.0.1.
network
low complexity
maantheme CWE-306
critical
9.8
2024-10-28 CVE-2024-50489 Missing Authentication for Critical Function vulnerability in Realtyworkstation Realty Workstation
Authentication Bypass Using an Alternate Path or Channel vulnerability in Realty Workstation allows Authentication Bypass.This issue affects Realty Workstation: from n/a through 1.0.45.
network
low complexity
realtyworkstation CWE-306
critical
9.8
2024-10-25 CVE-2024-47406 Missing Authentication for Critical Function vulnerability in multiple products
Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability.
network
low complexity
toshibatec sharp CWE-306
critical
9.8
2024-10-23 CVE-2024-47575 Missing Authentication for Critical Function vulnerability in Fortinet Fortimanager and Fortimanager Cloud
A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.12, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests.
network
low complexity
fortinet CWE-306
critical
9.8
2024-10-23 CVE-2024-47902 Missing Authentication for Critical Function vulnerability in Siemens products
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)).
network
low complexity
siemens CWE-306
critical
9.8
2024-10-22 CVE-2022-23862 Missing Authentication for Critical Function vulnerability in Ysoft Safeq 6.0
A Local Privilege Escalation issue was discovered in Y Soft SAFEQ 6 Build 53.
local
low complexity
ysoft CWE-306
7.8
2024-10-22 CVE-2024-10002 Missing Authentication for Critical Function vulnerability in Roveridx Rover IDX
The Rover IDX plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and including, 3.0.0.2905.
network
low complexity
roveridx CWE-306
8.8
2024-10-20 CVE-2024-49328 Missing Authentication for Critical Function vulnerability in Vivektamrakar WP Rest API FNS
Authentication Bypass Using an Alternate Path or Channel vulnerability in Vivek Tamrakar WP REST API FNS allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through 1.0.0.
network
low complexity
vivektamrakar CWE-306
critical
9.8