Vulnerabilities > Missing Authentication for Critical Function
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-01-18 | CVE-2022-21691 | Missing Authentication for Critical Function vulnerability in Onionshare OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. | 4.3 |
2022-01-14 | CVE-2022-23227 | Missing Authentication for Critical Function vulnerability in Nuuo Nvrmini2 Firmware NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authentication. | 9.8 |
2022-01-11 | CVE-2021-43974 | Missing Authentication for Critical Function vulnerability in Sysaid Itil 20.4.74 An issue was discovered in SysAid ITIL 20.4.74 b10. | 5.3 |
2022-01-04 | CVE-2021-43832 | Missing Authentication for Critical Function vulnerability in Linuxfoundation Spinnaker Spinnaker is an open source, multi-cloud continuous delivery platform. | 9.8 |
2022-01-01 | CVE-2021-43333 | Missing Authentication for Critical Function vulnerability in Datalogic DXU The Datalogic DXU service on (for example) DL-Axist devices does not require authentication for configuration changes or disclosure of configuration settings. | 6.5 |
2021-12-30 | CVE-2021-20150 | Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. | 5.3 |
2021-12-30 | CVE-2021-20152 | Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 lacks proper authentication to the bittorrent functionality. | 6.5 |
2021-12-30 | CVE-2021-20158 | Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. | 9.8 |
2021-12-30 | CVE-2021-20161 | Missing Authentication for Critical Function vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART functionality. | 6.8 |
2021-12-27 | CVE-2021-45232 | Missing Authentication for Critical Function vulnerability in Apache Apisix Dashboard In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin`, all APIs and authentication middleware are developed based on framework `droplet`, but some API directly use the interface of framework `gin` thus bypassing the authentication. | 9.8 |