Vulnerabilities > Missing Authentication for Critical Function
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-12-10 | CVE-2013-1793 | Missing Authentication for Critical Function vulnerability in Redhat Openstack and Openstack Essex openstack-utils openstack-db has insecure password creation | 5.0 |
2019-12-03 | CVE-2019-5164 | Missing Authentication for Critical Function vulnerability in multiple products An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. | 4.6 |
2019-12-03 | CVE-2019-5163 | Missing Authentication for Critical Function vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. | 4.3 |
2019-12-02 | CVE-2019-12503 | Missing Authentication for Critical Function vulnerability in Inateck Bcst-60 Firmware Due to unencrypted and unauthenticated data communication, the wireless barcode scanner Inateck BCST-60 is prone to keystroke injection attacks. | 10.0 |
2019-12-02 | CVE-2019-12392 | Missing Authentication for Critical Function vulnerability in Anviz Firmware Anviz access control devices allow remote attackers to issue commands without a password. | 7.5 |
2019-12-02 | CVE-2019-12390 | Missing Authentication for Critical Function vulnerability in Anviz Firmware Anviz access control devices expose private Information (pin code and name) by allowing remote attackers to query this information without credentials via port tcp/5010. | 5.0 |
2019-12-02 | CVE-2019-12389 | Missing Authentication for Critical Function vulnerability in Anviz Firmware Anviz access control devices expose credentials (names and passwords) by allowing remote attackers to query this information without credentials via port tcp/5010. | 5.0 |
2019-11-27 | CVE-2011-2187 | Missing Authentication for Critical Function vulnerability in multiple products xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank Only Mode and when DPMS is disabled, which allows local attackers to access resources without authentication. | 4.6 |
2019-11-26 | CVE-2019-16243 | Missing Authentication for Critical Function vulnerability in Alcatelmobile Cingular Flip 2 Firmware B9Huah1 On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an undocumented web API that allows unprivileged JavaScript, including JavaScript running within the KaiOS browser, to view and edit the device's firmware over-the-air update settings. | 4.3 |
2019-11-14 | CVE-2019-18980 | Missing Authentication for Critical Function vulnerability in Philips Taolight Smart Wi-Fi WIZ Connected LED Bulb 9290022656 Firmware On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. | 5.0 |