Vulnerabilities > Missing Authentication for Critical Function

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-10	CVE-2022-24111	Missing Authentication for Critical Function vulnerability in Mahara In Mahara 21.04 before 21.04.3 and 21.10 before 21.10.1, portfolios created in groups that have not been shared with non-group members and portfolios created on the site and institution levels can be viewed without requiring a login if the URL to these portfolios is known. network low complexity mahara CWE-306	5.3
2022-02-07	CVE-2022-21816	Missing Authentication for Critical Function vulnerability in Nvidia Cloud Gaming Virtual GPU and Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a user in the guest OS can cause a GPU interrupt storm on the hypervisor host, leading to a denial of service. local low complexity nvidia CWE-306	5.5
2022-02-04	CVE-2021-21964	Missing Authentication for Critical Function vulnerability in Sealevel Seaconnect 370W Firmware 1.3.34 A denial of service vulnerability exists in the Modbus configuration functionality of Sealevel Systems, Inc. network low complexity sealevel CWE-306	7.4
2022-01-31	CVE-2021-44255	Missing Authentication for Critical Function vulnerability in multiple products Authenticated remote code execution in MotionEye <= 0.42.1 and MotioneEyeOS <= 20200606 allows a remote attacker to upload a configuration backup file containing a malicious python pickle file which will execute arbitrary code on the server. network low complexity motioneye-project motioneyeos-project CWE-306	7.2
2022-01-28	CVE-2021-26264	Missing Authentication for Critical Function vulnerability in Emerson products A specially crafted script could cause the DeltaV Distributed Control System Controllers (All Versions) to restart and cause a denial-of-service condition. local low complexity emerson CWE-306	5.5
2022-01-25	CVE-2022-23944	Missing Authentication for Critical Function vulnerability in Apache Shenyu 2.4.0/2.4.1 User can access /plugin api without authentication. network low complexity apache CWE-306 critical	9.1
2022-01-25	CVE-2022-23945	Missing Authentication for Critical Function vulnerability in Apache Shenyu 2.4.0/2.4.1 Missing authentication on ShenYu Admin when register by HTTP. network low complexity apache CWE-306	7.5
2022-01-21	CVE-2021-33843	Missing Authentication for Critical Function vulnerability in Fresenius-Kabi Agilia SP MC Wifi Firmware D25 Fresenius Kabi Agilia SP MC WiFi vD25 and prior has a default configuration page accessible without authentication. network low complexity fresenius-kabi CWE-306	5.3
2022-01-21	CVE-2022-23220	Missing Authentication for Critical Function vulnerability in Usbview Project Usbview USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as root because certain Polkit settings (e.g., allow_any=yes) for pkexec disable the authentication requirement. local low complexity usbview-project CWE-306	7.8
2022-01-19	CVE-2021-23843	Missing Authentication for Critical Function vulnerability in Bosch products The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certains settings in AMC2 devices. local low complexity bosch CWE-306	7.8