Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-17 | CVE-2022-28809 | Missing Authentication for Critical Function vulnerability in Opendesign Drawings SDK An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. | 7.8 |
| 2022-07-17 | CVE-2022-31260 | Missing Authentication for Critical Function vulnerability in Montala Resourcespace In Montala ResourceSpace through 9.8 before r19636, csv_export_results_metadata.php allows attackers to export collection metadata via a non-NULL k value. | 6.5 |
| 2022-07-16 | CVE-2021-34538 | Missing Authentication for Critical Function vulnerability in Apache Hive Apache Hive before 3.1.3 "CREATE" and "DROP" function operations does not check for necessary authorization of involved entities in the query. | 7.5 |
| 2022-07-12 | CVE-2021-44222 | Missing Authentication for Critical Function vulnerability in Siemens Simatic Easie Core Package A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). | 9.1 |
| 2022-07-12 | CVE-2022-33138 | Missing Authentication for Critical Function vulnerability in Siemens products A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). | 7.5 |
| 2022-06-30 | CVE-2022-23719 | Missing Authentication for Critical Function vulnerability in Pingidentity Pingid Integration for Windows Login PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service used to capture security key requests. | 6.4 |
| 2022-06-29 | CVE-2022-29270 | Missing Authentication for Critical Function vulnerability in Nagios XI In Nagios XI through 5.8.5, it is possible for a user without password verification to change his e-mail address. | 4.3 |
| 2022-06-29 | CVE-2022-31266 | Missing Authentication for Critical Function vulnerability in Ilias In ILIAS through 7.10, lack of verification when changing an email address (on the Profile Page) allows remote attackers to take over accounts. | 4.3 |
| 2022-06-16 | CVE-2022-24562 | Missing Authentication for Critical Function vulnerability in Iobit Iotransfer 4.3.1.1561 In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution. | 9.8 |
| 2022-06-15 | CVE-2021-41418 | Missing Authentication for Critical Function vulnerability in Ariang Project Ariang AriaNg v0.1.0~v1.2.2 is affected by an incorrect access control vulnerability through not authenticating visitors' access rights. | 9.8 |