Vulnerabilities > Missing Authentication for Critical Function

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-09	CVE-2022-22809	Missing Authentication for Critical Function vulnerability in Schneider-Electric products A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow modifications of the touch configurations in an unauthorized manner when an attacker attempts to modify the touch configurations. network low complexity schneider-electric CWE-306	5.3
2022-02-07	CVE-2022-21816	Missing Authentication for Critical Function vulnerability in Nvidia Cloud Gaming Virtual GPU and Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a user in the guest OS can cause a GPU interrupt storm on the hypervisor host, leading to a denial of service. local low complexity nvidia CWE-306	5.5
2022-02-04	CVE-2021-21964	Missing Authentication for Critical Function vulnerability in Sealevel Seaconnect 370W Firmware 1.3.34 A denial of service vulnerability exists in the Modbus configuration functionality of Sealevel Systems, Inc. network low complexity sealevel CWE-306	7.4
2022-01-31	CVE-2021-44255	Missing Authentication for Critical Function vulnerability in multiple products Authenticated remote code execution in MotionEye <= 0.42.1 and MotioneEyeOS <= 20200606 allows a remote attacker to upload a configuration backup file containing a malicious python pickle file which will execute arbitrary code on the server. network low complexity motioneye-project motioneyeos-project CWE-306	7.2
2022-01-28	CVE-2021-26264	Missing Authentication for Critical Function vulnerability in Emerson products A specially crafted script could cause the DeltaV Distributed Control System Controllers (All Versions) to restart and cause a denial-of-service condition. local low complexity emerson CWE-306	5.5
2022-01-25	CVE-2021-34870	Missing Authentication for Critical Function vulnerability in Netgear Xr1000 1.0.0.521.0.38 This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 1.0.0.52_1.0.38 routers. low complexity netgear CWE-306	6.5
2022-01-25	CVE-2022-23944	Missing Authentication for Critical Function vulnerability in Apache Shenyu 2.4.0/2.4.1 User can access /plugin api without authentication. network low complexity apache CWE-306 critical	9.1
2022-01-25	CVE-2022-23945	Missing Authentication for Critical Function vulnerability in Apache Shenyu 2.4.0/2.4.1 Missing authentication on ShenYu Admin when register by HTTP. network low complexity apache CWE-306	7.5
2022-01-21	CVE-2021-33843	Missing Authentication for Critical Function vulnerability in Fresenius-Kabi Agilia SP MC Wifi Firmware D25 Fresenius Kabi Agilia SP MC WiFi vD25 and prior has a default configuration page accessible without authentication. network low complexity fresenius-kabi CWE-306	5.3
2022-01-21	CVE-2022-23220	Missing Authentication for Critical Function vulnerability in Usbview Project Usbview USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as root because certain Polkit settings (e.g., allow_any=yes) for pkexec disable the authentication requirement. local low complexity usbview-project CWE-306	7.8