Vulnerabilities > Missing Authentication for Critical Function

DATE CVE VULNERABILITY TITLE RISK
2024-06-13 CVE-2024-38279 Missing Authentication for Critical Function vulnerability in Motorola Vigilant Fixed LPR Coms BOX Firmware
The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password hashes.
low complexity
motorola CWE-306
4.6
2024-06-11 CVE-2024-2013 Missing Authentication for Critical Function vulnerability in Hitachienergy Foxman-Un and Unem
An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway component that if exploited allows attackers without any access to interact with the services and the post-authentication attack surface.
network
low complexity
hitachienergy CWE-306
critical
10.0
2024-06-06 CVE-2024-22326 Missing Authentication for Critical Function vulnerability in IBM Ds8900F Firmware
IBM System Storage DS8900F 89.22.19.0, 89.30.68.0, 89.32.40.0, 89.33.48.0, 89.40.83.0, and 89.40.93.0 could allow a remote user to create an LDAP connection with a valid username and empty password to establish an anonymous connection.
network
low complexity
ibm CWE-306
6.3
2024-06-06 CVE-2024-37152 Missing Authentication for Critical Function vulnerability in Argoproj Argo CD
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
network
low complexity
argoproj CWE-306
7.5
2024-05-29 CVE-2024-36470 Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 authentication bypass was possible in specific edge cases
network
low complexity
jetbrains CWE-306
critical
9.8
2024-05-08 CVE-2024-2860 Missing Authentication for Critical Function vulnerability in Broadcom Brocade Sannav
The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an incorrect local authentication flaw.
local
low complexity
broadcom CWE-306
7.8
2024-05-06 CVE-2024-3661 Missing Authentication for Critical Function vulnerability in multiple products
DHCP can add routes to a client’s routing table via the classless static route option (121).
7.6
2024-05-03 CVE-2023-50199 Missing Authentication for Critical Function vulnerability in Dlink G416 Firmware 1.08B02
D-Link G416 httpd Missing Authentication for Critical Function Remote Code Execution Vulnerability.
low complexity
dlink CWE-306
8.8
2024-05-03 CVE-2023-41186 Missing Authentication for Critical Function vulnerability in Dlink Dap-1325 Firmware 1.07B01
D-Link DAP-1325 CGI Missing Authentication Information Disclosure Vulnerability.
low complexity
dlink CWE-306
6.5
2024-05-03 CVE-2023-41187 Missing Authentication for Critical Function vulnerability in Dlink Dap-1325 Firmware 1.07B01
D-Link DAP-1325 HNAP Missing Authentication Remote Code Execution Vulnerability.
low complexity
dlink CWE-306
8.8