Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2023-12-21 CVE-2023-29485 Missing Authentication for Critical Function vulnerability in Heimdalsecurity Thor
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module.
network
low complexity
heimdalsecurity CWE-306
critical
9.8
2023-12-14 CVE-2023-6368 Missing Authentication for Critical Function vulnerability in Progress Whatsup Gold 22.1.0
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism.
network
low complexity
progress CWE-306
5.3
2023-12-14 CVE-2023-6595 Missing Authentication for Critical Function vulnerability in Progress Whatsup Gold 22.1.0
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism.
network
low complexity
progress CWE-306
5.3
2023-12-13 CVE-2023-6718 Missing Authentication for Critical Function vulnerability in Europeana Repox 2.3.7
An authentication bypass vulnerability has been found in Repox, which allows a remote user to send a specially crafted POST request, due to the lack of any authentication method, resulting in the alteration or creation of users.
network
low complexity
europeana CWE-306
7.5
2023-12-12 CVE-2023-50263 Missing Authentication for Critical Function vulnerability in Networktocode Nautobot
Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database.
network
low complexity
networktocode CWE-306
5.3
2023-12-08 CVE-2023-32460 Missing Authentication for Critical Function vulnerability in Dell products
Dell PowerEdge BIOS contains an improper privilege management security vulnerability.
local
low complexity
dell CWE-306
7.8
2023-11-29 CVE-2023-49693 Missing Authentication for Critical Function vulnerability in Netgear Prosafe Network Management System
NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol (JDWP) listening on port 11611 and it is remotely accessible by unauthenticated users, allowing attackers to execute arbitrary code.
network
low complexity
netgear CWE-306
critical
9.8
2023-11-28 CVE-2023-29061 Missing Authentication for Critical Function vulnerability in BD Facschorus
There is no BIOS password on the FACSChorus workstation.
low complexity
bd CWE-306
5.2
2023-11-28 CVE-2023-29063 Missing Authentication for Critical Function vulnerability in BD Facschorus
The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to insert a PCI card designed for memory capture.
low complexity
bd CWE-306
2.4
2023-11-28 CVE-2023-29060 Missing Authentication for Critical Function vulnerability in BD Facschorus
The FACSChorus workstation operating system does not restrict what devices can interact with its USB ports.
low complexity
bd CWE-306
5.7