Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-30 | CVE-2019-10950 | Missing Authentication for Critical Function vulnerability in Fujifilm products Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X provide insecure telnet services that lack authentication requirements. | 9.8 |
| 2019-04-24 | CVE-2019-8993 | Missing Authentication for Critical Function vulnerability in Tibco products The administrative web server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Grid, TIBCO ActiveMatrix Service Grid Distribution for TIBCO Silver Fabric, TIBCO Silver Fabric Enabler for ActiveMatrix BPM, and TIBCO Silver Fabric Enabler for ActiveMatrix Service Grid contains a vulnerability that could theoretically allow an unauthenticated user to download a file with credentials information. | 9.8 |
| 2019-04-23 | CVE-2019-7727 | Missing Authentication for Critical Function vulnerability in Nice Engage 6.5 In NICE Engage through 6.5, the default configuration binds an unauthenticated JMX/RMI interface to all network interfaces, without restricting registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol by using the JMX connector. | 9.8 |
| 2019-04-19 | CVE-2019-10886 | Missing Authentication for Critical Function vulnerability in Sony Photo Sharing Plus 6.5830 An incorrect access control exists in the Sony Photo Sharing Plus application in the firmware before PKG6.5629 version (for the X7500D TV and other applicable TVs). | 5.9 |
| 2019-04-18 | CVE-2019-11321 | Missing Authentication for Critical Function vulnerability in Motorola CX2 Firmware and M2 Firmware An issue was discovered in Motorola CX2 1.01 and M2 1.01. | 5.3 |
| 2019-04-17 | CVE-2019-1654 | Missing Authentication for Critical Function vulnerability in Cisco Ap-Cos A vulnerability in the development shell (devshell) authentication for Cisco Aironet Series Access Points (APs) running the Cisco AP-COS operating system could allow an authenticated, local attacker to access the development shell without proper authentication, which allows for root access to the underlying Linux OS. | 7.8 |
| 2019-04-10 | CVE-2019-10946 | Missing Authentication for Critical Function vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.5. | 7.5 |
| 2019-04-09 | CVE-2019-3941 | Missing Authentication for Critical Function vulnerability in Advantech Webaccess 8.3.4 Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to delete arbitrary files via IOCTL 10005 RPC. | 7.5 |
| 2019-04-01 | CVE-2019-5514 | Missing Authentication for Critical Function vulnerability in VMWare Fusion 11.0.0/11.0.1/11.0.2 VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerability due to certain unauthenticated APIs accessible through a web socket. | 8.8 |
| 2019-03-28 | CVE-2019-6542 | Missing Authentication for Critical Function vulnerability in Enttec products ENTTEC Datagate MK2, Storm 24, Pixelator all firmware versions prior to (70044,70050,70060)_update_05032019-482 allows an unauthenticated user to initiate a remote reboot, which may be used to cause a denial of service condition. | 7.5 |