Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-13 | CVE-2022-42275 | Missing Authentication for Critical Function vulnerability in Nvidia BMC NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. | 7.1 |
| 2023-01-13 | CVE-2022-46463 | Missing Authentication for Critical Function vulnerability in Linuxfoundation Harbor An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication. | 7.5 |
| 2022-12-27 | CVE-2022-45423 | Missing Authentication for Critical Function vulnerability in Dahuasecurity products Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials. | 7.5 |
| 2022-12-27 | CVE-2022-45424 | Missing Authentication for Critical Function vulnerability in Dahuasecurity products Some Dahua software products have a vulnerability of unauthenticated request of AES crypto key. | 5.3 |
| 2022-12-25 | CVE-2022-44013 | Missing Authentication for Critical Function vulnerability in Simmeth Lieferantenmanager An issue was discovered in Simmeth Lieferantenmanager before 5.6. | 9.1 |
| 2022-12-21 | CVE-2022-3188 | Missing Authentication for Critical Function vulnerability in Dataprobe products Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where unauthenticated users could open PHP index pages without authentication and download the history file from the device; the history file includes the latest actions completed by specific users. | 5.3 |
| 2022-12-16 | CVE-2022-47377 | Missing Authentication for Critical Function vulnerability in Sick Sim2000 Firmware 1.2.0 Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version <1.13.4 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. | 9.8 |
| 2022-12-14 | CVE-2022-31701 | Missing Authentication for Critical Function vulnerability in VMWare products VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. | 5.3 |
| 2022-12-05 | CVE-2022-45479 | Missing Authentication for Critical Function vulnerability in Beappsmobile PC Keyboard Wifi&Bluetooth PC Keyboard allows remote unauthenticated users to send instructions to the server to execute arbitrary code without any previous authorization or authentication. | 9.8 |
| 2022-12-05 | CVE-2022-45481 | Missing Authentication for Critical Function vulnerability in Lzmouse Lazy Mouse The default configuration of Lazy Mouse does not require a password, allowing remote unauthenticated users to execute arbitrary code with no prior authorization or authentication. | 9.8 |