Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-22 | CVE-2020-3977 | Missing Authentication for Critical Function vulnerability in VMWare Horizon Daas 7.0.0/8.0.0/8.0.1 VMware Horizon DaaS (7.x and 8.x before 8.0.1 Update 1) contains a broken authentication vulnerability due to a flaw in the way it handled the first factor authentication. | 6.5 |
| 2020-09-15 | CVE-2020-23512 | Missing Authentication for Critical Function vulnerability in VR CAM P1 Firmware VR CAM P1 Model P1 v1 has an incorrect access control vulnerability where an attacker can obtain complete access of the device from web (remote) without authentication. | 9.8 |
| 2020-09-15 | CVE-2020-16098 | Missing Authentication for Critical Function vulnerability in Gallagher Command Centre It is possible to enumerate access card credentials via an unauthenticated network connection to the server in versions of Command Centre v8.20 prior to v8.20.1166(MR3), versions of 8.10 prior to v8.10.1211(MR5), versions of 8.00 prior to v8.00.1228(MR6), all versions of 7.90 and earlier. | 9.8 |
| 2020-09-14 | CVE-2020-13289 | Missing Authentication for Critical Function vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 5.4 |
| 2020-09-10 | CVE-2020-13920 | Missing Authentication for Critical Function vulnerability in multiple products Apache ActiveMQ uses LocateRegistry.createRegistry() to create the JMX RMI registry and binds the server to the "jmxrmi" entry. | 5.9 |
| 2020-09-10 | CVE-2020-5780 | Missing Authentication for Critical Function vulnerability in Icegram Email Subscribers & Newsletters Missing Authentication for Critical Function in Icegram Email Subscribers & Newsletters Plugin for WordPress prior to version 4.5.6 allows a remote, unauthenticated attacker to conduct unauthenticated email forgery/spoofing. | 5.3 |
| 2020-09-03 | CVE-2020-11579 | Missing Authentication for Critical Function vulnerability in Chadhaajay PHPkb 9.0 An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. | 7.5 |
| 2020-09-02 | CVE-2020-12621 | Missing Authentication for Critical Function vulnerability in Teamwire 5.3.0 The Teamwire application 5.3.0 for Android allows physically proximate attackers to exploit a flaw related to the pass-code component. | 6.1 |
| 2020-08-31 | CVE-2020-25048 | Missing Authentication for Critical Function vulnerability in Google Android 10.0 An issue was discovered on Samsung mobile devices with Q(10.0) (with ONEUI 2.1) software. | 4.6 |
| 2020-08-31 | CVE-2020-24363 | Missing Authentication for Critical Function vulnerability in Tp-Link Tl-Wa855Re Firmware 20200415 TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. | 8.8 |