Vulnerabilities > Missing Authentication for Critical Function
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-21 | CVE-2023-29485 | Missing Authentication for Critical Function vulnerability in Heimdalsecurity Thor An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module. | 9.8 |
| 2023-12-14 | CVE-2023-6368 | Missing Authentication for Critical Function vulnerability in Progress Whatsup Gold In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. | 5.3 |
| 2023-12-14 | CVE-2023-6595 | Missing Authentication for Critical Function vulnerability in Progress Whatsup Gold In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. | 5.3 |
| 2023-12-13 | CVE-2023-6718 | Missing Authentication for Critical Function vulnerability in Europeana Repox 2.3.7 An authentication bypass vulnerability has been found in Repox, which allows a remote user to send a specially crafted POST request, due to the lack of any authentication method, resulting in the alteration or creation of users. | 7.5 |
| 2023-12-12 | CVE-2023-50263 | Missing Authentication for Critical Function vulnerability in Networktocode Nautobot Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. | 5.3 |
| 2023-12-08 | CVE-2023-32460 | Missing Authentication for Critical Function vulnerability in Dell products Dell PowerEdge BIOS contains an improper privilege management security vulnerability. | 7.8 |
| 2023-11-29 | CVE-2023-49693 | Missing Authentication for Critical Function vulnerability in Netgear Prosafe Network Management System NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol (JDWP) listening on port 11611 and it is remotely accessible by unauthenticated users, allowing attackers to execute arbitrary code. | 9.8 |
| 2023-11-28 | CVE-2023-29061 | Missing Authentication for Critical Function vulnerability in BD Facschorus There is no BIOS password on the FACSChorus workstation. | 5.2 |
| 2023-11-28 | CVE-2023-29063 | Missing Authentication for Critical Function vulnerability in BD Facschorus The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to insert a PCI card designed for memory capture. | 2.4 |
| 2023-11-28 | CVE-2023-29060 | Missing Authentication for Critical Function vulnerability in BD Facschorus The FACSChorus workstation operating system does not restrict what devices can interact with its USB ports. | 5.7 |