Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-21 | CVE-2022-23220 | Missing Authentication for Critical Function vulnerability in Usbview Project Usbview USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as root because certain Polkit settings (e.g., allow_any=yes) for pkexec disable the authentication requirement. | 7.8 |
| 2022-01-19 | CVE-2021-23843 | Missing Authentication for Critical Function vulnerability in Bosch products The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certains settings in AMC2 devices. | 4.6 |
| 2022-01-18 | CVE-2022-21691 | Missing Authentication for Critical Function vulnerability in Onionshare OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. | 4.0 |
| 2022-01-14 | CVE-2022-23227 | Missing Authentication for Critical Function vulnerability in Nuuo Nvrmini2 Firmware NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authentication. | 10.0 |
| 2022-01-11 | CVE-2021-43974 | Missing Authentication for Critical Function vulnerability in Sysaid Itil 20.4.74 An issue was discovered in SysAid ITIL 20.4.74 b10. | 5.0 |
| 2022-01-04 | CVE-2021-43832 | Missing Authentication for Critical Function vulnerability in Linuxfoundation Spinnaker Spinnaker is an open source, multi-cloud continuous delivery platform. | 7.5 |
| 2022-01-01 | CVE-2021-43333 | Missing Authentication for Critical Function vulnerability in Datalogic DXU The Datalogic DXU service on (for example) DL-Axist devices does not require authentication for configuration changes or disclosure of configuration settings. | 5.8 |
| 2021-12-30 | CVE-2021-20150 | Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. | 5.0 |
| 2021-12-30 | CVE-2021-20152 | Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 lacks proper authentication to the bittorrent functionality. | 5.8 |
| 2021-12-30 | CVE-2021-20158 | Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. | 7.5 |