Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-10 | CVE-2022-26143 | Missing Authentication for Critical Function vulnerability in Mitel Micollab and Mivoice Business Express The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). | 9.8 |
| 2022-03-10 | CVE-2022-20060 | Missing Authentication for Critical Function vulnerability in Google Android 10.0/11.0/12.0 In preloader (usb), there is a possible permission bypass due to a missing proper image authentication. | 6.6 |
| 2022-03-04 | CVE-2021-46384 | Missing Authentication for Critical Function vulnerability in Mingsoft Mcms https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: RCE. | 9.8 |
| 2022-02-26 | CVE-2022-25359 | Missing Authentication for Critical Function vulnerability in Iclinks Scadaflex II Firmware and Weblib On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote attackers can overwrite, delete, or create files. | 9.1 |
| 2022-02-24 | CVE-2020-10640 | Missing Authentication for Critical Function vulnerability in Emerson Openenterprise Scada Server 2.8.3/3.1/3.3.3 Emerson OpenEnterprise versions through 3.3.4 may allow an attacker to run an arbitrary commands with system privileges or perform remote code execution via a specific communication service. | 9.8 |
| 2022-02-14 | CVE-2021-46371 | Missing Authentication for Critical Function vulnerability in Antd-Admin Project Antd-Admin 5.5.0 antd-admin 5.5.0 is affected by an incorrect access control vulnerability. | 7.5 |
| 2022-02-14 | CVE-2022-0188 | Missing Authentication for Critical Function vulnerability in Niteothemes CMP The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout. | 5.3 |
| 2022-02-10 | CVE-2021-31814 | Missing Authentication for Critical Function vulnerability in Stormshield Network Security In Stormshield 1.1.0, and 2.1.0 through 2.9.0, an attacker can block a client from accessing the VPN and can obtain sensitive information through the SN VPN SSL Client. | 6.1 |
| 2022-02-10 | CVE-2022-24111 | Missing Authentication for Critical Function vulnerability in Mahara In Mahara 21.04 before 21.04.3 and 21.10 before 21.10.1, portfolios created in groups that have not been shared with non-group members and portfolios created on the site and institution levels can be viewed without requiring a login if the URL to these portfolios is known. | 5.3 |
| 2022-02-07 | CVE-2022-21816 | Missing Authentication for Critical Function vulnerability in Nvidia Cloud Gaming Virtual GPU and Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a user in the guest OS can cause a GPU interrupt storm on the hypervisor host, leading to a denial of service. | 5.5 |