Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-09 | CVE-2019-13338 | Missing Authentication for Critical Function vulnerability in Weseek Growi In WESEEK GROWI before 3.5.0, a remote attacker can obtain the password hash of the creator of a page by leveraging wiki access to make API calls for page metadata. | 7.5 |
| 2019-07-09 | CVE-2019-11020 | Missing Authentication for Critical Function vulnerability in Ddrt Dashcom Live Firmware 20190509 Lack of authentication in file-viewing components in DDRT Dashcom Live 2019-05-09 allows anyone to remotely access all claim details by visiting easily guessable dashboard/uploads/claim_files/claim_id_ URLs. | 7.5 |
| 2019-07-09 | CVE-2019-11019 | Missing Authentication for Critical Function vulnerability in Ddrt Dashcom Live Firmware 20190508 Lack of authentication in case-exporting components in DDRT Dashcom Live through 2019-05-08 allows anyone to remotely access all claim details by visiting easily guessable exportpdf/all_claim_detail.php?claim_id= URLs. | 7.5 |
| 2019-07-08 | CVE-2019-12174 | Missing Authentication for Critical Function vulnerability in Hide Hide.Me hide.me before 2.4.4 on macOS suffers from a privilege escalation vulnerability in the connectWithExecutablePath:configFilePath:configFileName method of the me_hide_vpnhelper.Helper class in the me.hide.vpnhelper macOS privilege helper tool. | 7.8 |
| 2019-07-05 | CVE-2019-13344 | Missing Authentication for Critical Function vulnerability in Crudlab WP Like Button An authentication bypass vulnerability in the CRUDLab WP Like Button plugin through 1.6.0 for WordPress allows unauthenticated attackers to change settings. | 5.3 |
| 2019-07-01 | CVE-2019-13131 | Missing Authentication for Critical Function vulnerability in Supermicro Superdoctor 5 Super Micro SuperDoctor 5, when restrictions are not implemented in agent.cfg, allows remote attackers to execute arbitrary commands via NRPE. | 9.8 |
| 2019-07-01 | CVE-2019-4337 | Missing Authentication for Critical Function vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0.0.0/11.0.0.1/11.0.0.2 IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker to obtain sensitive information due to missing authentication in Ignite nodes. | 5.3 |
| 2019-06-20 | CVE-2019-12919 | Missing Authentication for Critical Function vulnerability in Cylan products On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the local network has unauthenticated access to the internal SD card via the HTTP service on port 8000. | 5.5 |
| 2019-06-20 | CVE-2019-1897 | Missing Authentication for Critical Function vulnerability in Cisco Rv110W Firmware, Rv130W Firmware and Rv215W Firmware A vulnerability in the web-based management interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to disconnect clients that are connected to the guest network on an affected router. | 5.3 |
| 2019-06-20 | CVE-2019-1876 | Missing Authentication for Critical Function vulnerability in Cisco Wide Area Application Services 5.5(7)/6.1(1)/6.4(3B) A vulnerability in the HTTPS proxy feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote attacker to use the Central Manager as an HTTPS proxy. | 5.3 |