Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-10 | CVE-2019-11466 | Missing Authentication for Critical Function vulnerability in Couchbase Server 5.5.0/6.0.0 In Couchbase Server 6.0.0 and 5.5.0, the eventing service exposes system diagnostic profile via an HTTP endpoint that does not require credentials on a port earmarked for internal traffic only. | 5.3 |
| 2019-09-10 | CVE-2019-12105 | Missing Authentication for Critical Function vulnerability in Supervisord Supervisor In Supervisor through 4.0.2, an unauthenticated user can read log files or restart a service. | 8.2 |
| 2019-09-10 | CVE-2019-15896 | Missing Authentication for Critical Function vulnerability in Lifterlms An issue was discovered in the LifterLMS plugin through 3.34.5 for WordPress. | 9.8 |
| 2019-09-09 | CVE-2019-15895 | Missing Authentication for Critical Function vulnerability in Search Exclude Project Search Exclude search-exclude.php in the "Search Exclude" plugin before 1.2.4 for WordPress allows unauthenticated options changes. | 7.5 |
| 2019-09-09 | CVE-2019-10668 | Missing Authentication for Critical Function vulnerability in Librenms An issue was discovered in LibreNMS through 1.47. | 9.1 |
| 2019-09-06 | CVE-2019-15102 | Missing Authentication for Critical Function vulnerability in Sahipro Sahi PRO An issue was discovered in Tyto Sahi Pro 6.x through 8.0.0. | 9.8 |
| 2019-09-03 | CVE-2019-15043 | Missing Authentication for Critical Function vulnerability in Grafana In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. | 7.5 |
| 2019-09-03 | CVE-2019-15858 | Missing Authentication for Critical Function vulnerability in Webcraftic Woody AD Snippets admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution. | 8.8 |
| 2019-08-30 | CVE-2019-15819 | Missing Authentication for Critical Function vulnerability in Restaurant Reservations Project Restaurant Reservations The nd-restaurant-reservations plugin before 1.5 for WordPress has no requirement for nd_rst_import_settings_php_function authentication. | 9.8 |
| 2019-08-29 | CVE-2019-13406 | Missing Authentication for Critical Function vulnerability in Androvideo VD 1 Firmware 230 A broken access control vulnerability found in Advan VD-1 firmware versions up to 230. | 7.5 |