Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2022-11-30 CVE-2022-4229 Missing Authentication for Critical Function vulnerability in Book Store Management System Project Book Store Management System 1.0
A vulnerability classified as critical was found in SourceCodester Book Store Management System 1.0.
network
low complexity
book-store-management-system-project CWE-306
critical
 9.8
9.8
2022-11-27 CVE-2022-45933 Missing Authentication for Critical Function vulnerability in Kubeview Project Kubeview
KubeView through 0.1.31 allows attackers to obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication, and retrieves certificate files that can be used for authentication as kube-admin.
network
low complexity
kubeview-project CWE-306
critical
 9.8
9.8
2022-11-17 CVE-2022-44001 Missing Authentication for Critical Function vulnerability in Backclick 5.9.63
An issue was discovered in BACKCLICK Professional 5.9.63.
network
low complexity
backclick CWE-306
critical
 9.8
9.8
2022-11-17 CVE-2022-42982 Missing Authentication for Critical Function vulnerability in Bund BKG Professional Ntripcaster 2.0.39
BKG Professional NtripCaster 2.0.39 allows querying information over the UDP protocol without authentication.
network
low complexity
bund CWE-306
7.5
7.5
2022-11-16 CVE-2022-43999 Missing Authentication for Critical Function vulnerability in Backclick 5.9.63
An issue was discovered in BACKCLICK Professional 5.9.63.
network
low complexity
backclick CWE-306
critical
 9.8
9.8
2022-11-16 CVE-2022-4018 Missing Authentication for Critical Function vulnerability in Ikus-Soft Rdiffweb
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.
network
low complexity
ikus-soft CWE-306
4.3
4.3
2022-11-15 CVE-2022-42785 Missing Authentication for Critical Function vulnerability in WUT products
Multiple W&T products of the ComServer Series are prone to an authentication bypass.
network
low complexity
wut CWE-306
critical
 9.8
9.8
2022-11-14 CVE-2022-45378 Missing Authentication for Critical Function vulnerability in Apache Soap 1.2/2.2/2.3
In the default configuration of Apache SOAP, an RPCRouterServlet is available without authentication.
network
low complexity
apache CWE-306
critical
 9.8
9.8
2022-11-09 CVE-2021-46852 Missing Authentication for Critical Function vulnerability in Huawei Emui and Harmonyos
The memory management module has the logic bypass vulnerability.
network
low complexity
huawei CWE-306
7.5
7.5
2022-11-08 CVE-2022-30515 Missing Authentication for Critical Function vulnerability in Zkteco Biotime 8.5.4/8.5.5
ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an attacker to view them through filename enumeration.
network
low complexity
zkteco CWE-306
5.3
5.3