Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-18 | CVE-2024-22212 | Missing Authentication for Critical Function vulnerability in Nextcloud Global Site Selector Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. | 9.8 |
| 2024-01-15 | CVE-2023-5253 | Missing Authentication for Critical Function vulnerability in Nozominetworks CMC and Guardian A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication. Malicious unauthenticated users with knowledge on the underlying system may be able to extract limited asset information. | 7.5 |
| 2024-01-13 | CVE-2023-51062 | Missing Authentication for Critical Function vulnerability in Qstar Archive Storage Manager 30 An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE_3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted command. | 5.3 |
| 2024-01-12 | CVE-2023-31033 | Missing Authentication for Critical Function vulnerability in Nvidia DGX A100 Firmware 00.19.07 NVIDIA DGX A100 BMC contains a vulnerability where a user may cause a missing authentication issue for a critical function by an adjacent network . | 8.0 |
| 2024-01-12 | CVE-2023-49255 | Missing Authentication for Critical Function vulnerability in Hongdian H8951-4G-Esp Firmware The router console is accessible without authentication at "data" field, and while a user needs to be logged in in order to modify the configuration, the session state is shared. | 9.8 |
| 2024-01-11 | CVE-2023-51987 | Missing Authentication for Critical Function vulnerability in Dlink Dir-822 Firmware 1.0.2 D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords. | 9.8 |
| 2024-01-11 | CVE-2023-51989 | Missing Authentication for Critical Function vulnerability in Dlink Dir-822 Firmware 1.0.2 D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords. | 9.8 |
| 2024-01-10 | CVE-2022-45794 | Missing Authentication for Critical Function vulnerability in Omron products An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions) may use a network protocol to read and write files on the PLC internal memory and memory card. | 7.5 |
| 2024-01-10 | CVE-2023-40393 | Missing Authentication for Critical Function vulnerability in Apple Macos An authentication issue was addressed with improved state management. | 7.5 |
| 2024-01-03 | CVE-2023-5881 | Missing Authentication for Critical Function vulnerability in Geniecompany Aladdin Connect Garage Door Opener Firmware Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect (Retrofit-Kit Model ALDCM) "Garage Door Control Module Setup" and modify the Garage door's SSID settings. | 8.2 |