Vulnerabilities > Missing Authentication for Critical Function

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-04	CVE-2021-21964	Missing Authentication for Critical Function vulnerability in Sealevel Seaconnect 370W Firmware 1.3.34 A denial of service vulnerability exists in the Modbus configuration functionality of Sealevel Systems, Inc. network low complexity sealevel CWE-306	7.4
2022-01-31	CVE-2021-44255	Missing Authentication for Critical Function vulnerability in multiple products Authenticated remote code execution in MotionEye <= 0.42.1 and MotioneEyeOS <= 20200606 allows a remote attacker to upload a configuration backup file containing a malicious python pickle file which will execute arbitrary code on the server. network low complexity motioneye-project motioneyeos-project CWE-306	7.2
2022-01-28	CVE-2021-26264	Missing Authentication for Critical Function vulnerability in Emerson products A specially crafted script could cause the DeltaV Distributed Control System Controllers (All Versions) to restart and cause a denial-of-service condition. local low complexity emerson CWE-306	5.5
2022-01-25	CVE-2022-23944	Missing Authentication for Critical Function vulnerability in Apache Shenyu 2.4.0/2.4.1 User can access /plugin api without authentication. network low complexity apache CWE-306 critical	9.1
2022-01-25	CVE-2022-23945	Missing Authentication for Critical Function vulnerability in Apache Shenyu 2.4.0/2.4.1 Missing authentication on ShenYu Admin when register by HTTP. network low complexity apache CWE-306	7.5
2022-01-21	CVE-2021-33843	Missing Authentication for Critical Function vulnerability in Fresenius-Kabi Agilia SP MC Wifi Firmware D25 Fresenius Kabi Agilia SP MC WiFi vD25 and prior has a default configuration page accessible without authentication. network low complexity fresenius-kabi CWE-306	5.3
2022-01-21	CVE-2022-23220	Missing Authentication for Critical Function vulnerability in Usbview Project Usbview USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as root because certain Polkit settings (e.g., allow_any=yes) for pkexec disable the authentication requirement. local low complexity usbview-project CWE-306	7.8
2022-01-19	CVE-2021-23843	Missing Authentication for Critical Function vulnerability in Bosch products The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certains settings in AMC2 devices. local low complexity bosch CWE-306	7.8
2022-01-18	CVE-2022-21691	Missing Authentication for Critical Function vulnerability in Onionshare OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. network low complexity onionshare CWE-306	4.3
2022-01-14	CVE-2022-23227	Missing Authentication for Critical Function vulnerability in Nuuo Nvrmini2 Firmware NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authentication. network low complexity nuuo CWE-306 critical	9.8