Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-23 | CVE-2022-35733 | Missing Authentication for Critical Function vulnerability in Unimo products Missing authentication for critical function vulnerability in UNIMO Technology digital video recorders (UDR-JA1004/JA1008/JA1016 firmware versions v1.0.20.13 and earlier, and UDR-JA1016 firmware versions v2.0.20.13 and earlier) allows a remote unauthenticated attacker to execute an arbitrary OS command by sending a specially crafted request to the affected device web interface. | 9.8 |
| 2022-08-18 | CVE-2022-37062 | Missing Authentication for Critical Function vulnerability in Flir AX8 Firmware All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. | 7.5 |
| 2022-08-17 | CVE-2022-35122 | Missing Authentication for Critical Function vulnerability in Ecowitt Gw1100 Firmware An access control issue in Ecowitt GW1100 Series Weather Stations <=GW1100B_v2.1.5 allows unauthenticated attackers to access sensitive information including device and local WiFi passwords. | 9.1 |
| 2022-08-11 | CVE-2022-2765 | Missing Authentication for Critical Function vulnerability in Company Website CMS Project Company Website CMS 1.0 A vulnerability was found in SourceCodester Company Website CMS 1.0. | 9.8 |
| 2022-07-28 | CVE-2022-30313 | Missing Authentication for Critical Function vulnerability in Honeywell Safety Manager Firmware Honeywell Experion PKS Safety Manager through 2022-05-06 has Missing Authentication for a Critical Function. | 7.5 |
| 2022-07-27 | CVE-2022-36884 | Missing Authentication for Critical Function vulnerability in Jenkins GIT The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository. | 5.3 |
| 2022-07-26 | CVE-2022-30276 | Missing Authentication for Critical Function vulnerability in Motorola products The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. | 7.5 |
| 2022-07-26 | CVE-2022-36129 | Missing Authentication for Critical Function vulnerability in Hashicorp Vault HashiCorp Vault Enterprise 1.7.0 through 1.9.7, 1.10.4, and 1.11.0 clusters using Integrated Storage expose an unauthenticated API endpoint that could be abused to override the voter status of a node within a Vault HA cluster, introducing potential for future data loss or catastrophic failure. | 9.1 |
| 2022-07-26 | CVE-2022-29951 | Missing Authentication for Critical Function vulnerability in Jtekt products JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. | 9.1 |
| 2022-07-26 | CVE-2022-29952 | Missing Authentication for Critical Function vulnerability in Bakerhughes products Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. | 9.1 |