Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-08 | CVE-2022-43761 | Missing Authentication for Critical Function vulnerability in Br-Automation Industrial Automation Aprol Missing authentication when creating and managing the B&R APROL database in versions < R 4.2-07 allows reading and changing the system configuration. | 7.5 |
| 2023-02-08 | CVE-2022-45190 | Missing Authentication for Critical Function vulnerability in Microchip Rn4870 Firmware 1.43 An issue was discovered on Microchip RN4870 1.43 devices. | 5.3 |
| 2023-02-07 | CVE-2022-24990 | Missing Authentication for Critical Function vulnerability in Terra-Master Terramaster Operating System TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative password by sending "User-Agent: TNAS" to module/api.php?mobile/webNasIPS and then reading the PWD field in the response. | 7.5 |
| 2023-02-03 | CVE-2021-37234 | Missing Authentication for Critical Function vulnerability in Modern Honey Network Project Modern Honey Network 20201123 Incorrect Access Control vulnerability in Modern Honey Network commit 0abf0db9cd893c6d5c727d036e1f817c02de4c7b allows remote attackers to view sensitive information via crafted PUT request to Web API. | 6.5 |
| 2023-02-02 | CVE-2023-25013 | Missing Authentication for Critical Function vulnerability in In2Code Femanager An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. | 7.5 |
| 2023-02-02 | CVE-2023-25014 | Missing Authentication for Critical Function vulnerability in In2Code Femanager An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. | 7.5 |
| 2023-01-23 | CVE-2021-43447 | Missing Authentication for Critical Function vulnerability in Onlyoffice Server 7.0.0.49 ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. | 7.5 |
| 2023-01-20 | CVE-2023-0052 | Missing Authentication for Critical Function vulnerability in Sauter-Controls products SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. | 8.8 |
| 2023-01-13 | CVE-2022-42276 | Missing Authentication for Critical Function vulnerability in Nvidia DGX A100 Firmware 1.8 NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. | 8.2 |
| 2023-01-13 | CVE-2022-42277 | Missing Authentication for Critical Function vulnerability in Nvidia DGX Station A100 Firmware NVIDIA DGX Station contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. | 8.2 |