Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-25 | CVE-2019-9125 | Missing Authentication for Critical Function vulnerability in D-Link Dir-878 Firmware 1.12B01 An issue was discovered on D-Link DIR-878 1.12B01 devices. | 9.8 |
| 2019-02-24 | CVE-2019-9082 | Missing Authentication for Critical Function vulnerability in multiple products ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed by the command. | 8.8 |
| 2019-02-21 | CVE-2019-8985 | Missing Authentication for Critical Function vulnerability in Netis-Systems Wf2411 Firmware and Wf2880 Firmware On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices (possibly WF2411 through WF2880), there is a stack-based buffer overflow that does not require authentication. | 9.8 |
| 2019-02-15 | CVE-2019-0261 | Missing Authentication for Critical Function vulnerability in SAP Landscape Management 3.0 Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) does not perform authentication checks properly for XS advanced platform and business users. | 9.8 |
| 2019-02-13 | CVE-2019-6543 | Missing Authentication for Critical Function vulnerability in Aveva Indusoft web Studio and Intouch Machine Edition 2014 AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. | 9.8 |
| 2019-02-12 | CVE-2019-6533 | Missing Authentication for Critical Function vulnerability in Kunbus Pr100088 Modbus Gateway Firmware 1.0.10232/1.1.13166 Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166). | 9.1 |
| 2019-02-05 | CVE-2019-7390 | Missing Authentication for Critical Function vulnerability in Dlink Dir-823G Firmware 1.02B03 An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. | 8.6 |
| 2019-02-05 | CVE-2019-7389 | Missing Authentication for Critical Function vulnerability in Dlink Dir-823G Firmware 1.02B03 An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03. | 7.5 |
| 2019-01-16 | CVE-2019-6447 | Missing Authentication for Critical Function vulnerability in Estrongs ES File Explorer File Manager The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. | 8.1 |
| 2019-01-11 | CVE-2018-15466 | Missing Authentication for Critical Function vulnerability in Cisco Policy Suite for Mobile 12.0.0 A vulnerability in the Graphite web interface of the Policy and Charging Rules Function (PCRF) of Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to access the Graphite web interface. | 3.7 |