Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-10 | CVE-2022-24396 | Missing Authentication for Critical Function vulnerability in SAP Simple Diagnostics Agent The Simple Diagnostics Agent - versions 1.0 up to version 1.57, does not perform any authentication checks for functionalities that can be accessed via localhost on http port 3005. | 7.8 |
| 2022-03-10 | CVE-2022-20060 | Missing Authentication for Critical Function vulnerability in Google Android 10.0/11.0/12.0 In preloader (usb), there is a possible permission bypass due to a missing proper image authentication. | 6.6 |
| 2022-03-04 | CVE-2021-46384 | Missing Authentication for Critical Function vulnerability in Mingsoft Mcms https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: RCE. | 7.5 |
| 2022-02-26 | CVE-2022-25359 | Missing Authentication for Critical Function vulnerability in Iclinks Scadaflex II Firmware and Weblib On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote attackers can overwrite, delete, or create files. | 9.1 |
| 2022-02-24 | CVE-2020-10640 | Missing Authentication for Critical Function vulnerability in Emerson Openenterprise Scada Server 2.8.3/3.1/3.3.3 Emerson OpenEnterprise versions through 3.3.4 may allow an attacker to run an arbitrary commands with system privileges or perform remote code execution via a specific communication service. | 10.0 |
| 2022-02-14 | CVE-2021-46371 | Missing Authentication for Critical Function vulnerability in Antd-Admin Project Antd-Admin 5.5.0 antd-admin 5.5.0 is affected by an incorrect access control vulnerability. | 5.0 |
| 2022-02-14 | CVE-2022-0188 | Missing Authentication for Critical Function vulnerability in Niteothemes CMP The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout. | 5.3 |
| 2022-02-11 | CVE-2021-22805 | Missing Authentication for Critical Function vulnerability in Schneider-Electric Interactive Graphical Scada System Data Collector A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. | 5.0 |
| 2022-02-11 | CVE-2021-22823 | Missing Authentication for Critical Function vulnerability in Schneider-Electric Interactive Graphical Scada System Data Collector A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network messages. | 5.0 |
| 2022-02-10 | CVE-2021-31814 | Missing Authentication for Critical Function vulnerability in Stormshield Network Security In Stormshield 1.1.0, and 2.1.0 through 2.9.0, an attacker can block a client from accessing the VPN and can obtain sensitive information through the SN VPN SSL Client. | 6.1 |