Vulnerabilities > Missing Authentication for Critical Function
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-07-04 | CVE-2017-10804 | Missing Authentication for Critical Function vulnerability in Odoo 10.0/8.0/9.0 In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, remote attackers can bypass authentication under certain circumstances because parameters containing 0x00 characters are truncated before reaching the database layer. | 9.8 |
2017-06-30 | CVE-2017-6044 | Missing Authentication for Critical Function vulnerability in Sierra Wireless products An Improper Authorization issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to 4.0.11. | 9.8 |
2017-06-20 | CVE-2017-3216 | Missing Authentication for Critical Function vulnerability in multiple products WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator password change on the device via a crafted POST request. | 9.8 |
2017-06-13 | CVE-2015-9030 | Missing Authentication for Critical Function vulnerability in Google Android In all Android releases from CAF using the Linux kernel, the Hypervisor API could be misused to bypass authentication. | 7.8 |
2017-06-09 | CVE-2016-7830 | Missing Authentication for Critical Function vulnerability in Sony products Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via unspecified vectors. | 8.8 |
2017-04-10 | CVE-2016-5053 | Missing Authentication for Critical Function vulnerability in Osram Lightify Home 1.6.1 OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary commands via TCP port 4000. | 9.8 |
2017-04-10 | CVE-2015-2888 | Missing Authentication for Critical Function vulnerability in Summerinfant Baby Zoom Wifi Monitor Firmware Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass authentication, related to the MySnapCam web service. | 9.8 |
2017-03-15 | CVE-2017-3819 | Missing Authentication for Critical Function vulnerability in Cisco ASR 5000 Series Software and Virtualized Packet Core A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access. | 8.8 |
2017-03-02 | CVE-2017-6409 | Missing Authentication for Critical Function vulnerability in Veritas Netbackup and Netbackup Appliance An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. | 9.8 |
2017-02-13 | CVE-2016-8355 | Missing Authentication for Critical Function vulnerability in Smiths-Medical Cadd-Solis Medication Safety Software An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0; 3.0; and 3.1. | 9.9 |