Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2023-02-02 CVE-2023-25014 Missing Authentication for Critical Function vulnerability in In2Code Femanager
An issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3.
network
low complexity
in2code CWE-306
7.5
7.5
2023-01-23 CVE-2021-43447 Missing Authentication for Critical Function vulnerability in Onlyoffice Server 7.0.0.49
ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control.
network
low complexity
onlyoffice CWE-306
7.5
7.5
2023-01-20 CVE-2023-0052 Missing Authentication for Critical Function vulnerability in Sauter-Controls products
SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials.
network
low complexity
sauter-controls CWE-306
8.8
8.8
2023-01-13 CVE-2022-42276 Missing Authentication for Critical Function vulnerability in Nvidia DGX A100 Firmware 1.8
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and information disclosure.
local
low complexity
nvidia CWE-306
8.2
8.2
2023-01-13 CVE-2022-42277 Missing Authentication for Critical Function vulnerability in Nvidia DGX Station A100 Firmware
NVIDIA DGX Station contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and information disclosure.
local
low complexity
nvidia CWE-306
8.2
8.2
2023-01-13 CVE-2022-42275 Missing Authentication for Critical Function vulnerability in Nvidia BMC
NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections.
local
low complexity
nvidia CWE-306
7.1
7.1
2023-01-13 CVE-2022-46463 Missing Authentication for Critical Function vulnerability in Linuxfoundation Harbor
An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication.
network
low complexity
linuxfoundation CWE-306
7.5
7.5
2022-12-27 CVE-2022-45423 Missing Authentication for Critical Function vulnerability in Dahuasecurity products
Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials.
network
low complexity
dahuasecurity CWE-306
7.5
7.5
2022-12-27 CVE-2022-45424 Missing Authentication for Critical Function vulnerability in Dahuasecurity products
Some Dahua software products have a vulnerability of unauthenticated request of AES crypto key.
network
low complexity
dahuasecurity CWE-306
5.3
5.3
2022-12-25 CVE-2022-44013 Missing Authentication for Critical Function vulnerability in Simmeth Lieferantenmanager
An issue was discovered in Simmeth Lieferantenmanager before 5.6.
network
low complexity
simmeth CWE-306
critical
 9.1
9.1