MoneyPrinterTurbo 访问控制错误漏洞

MoneyPrinterTurbo is a software by Harry's personal developer that generates short HD videos using AI macromodels. An access control error vulnerability exists in MoneyPrinterTurbo version 1.2.6 and earlier, which stems from a lack of authentication in the function verifytoken in the file...

CyberArk Conjur 安全漏洞

CyberArk Conjur is an open source key management software from CyberArk. A security vulnerability exists in CyberArk Conjur that stems from a lack of authentication and could lead to privilege bypass...

NovelSat NS3000和NovelSat NS2000 安全漏洞

The NovelSat NS3000 and NovelSat NS2000 are both satellite modems from NovelSat, an Israeli company. A security vulnerability exists in NovelSat NS3000 and NovelSat NS2000 that stems from a lack of authentication checks and could lead to session hijacking. The following products and versions are...

Mitsubishi Electric多款产品 访问控制错误漏洞

The Mitsubishi Electric G-50, among others, is an air conditioning centralized controller from Mitsubishi Electric Mitsubishi Electric of Japan. An access control error vulnerability exists in various Mitsubishi Electric products, which stems from a lack of authentication for critical functions a...

The vulnerability of the Rockwell Automation FactoryTalk View SE HMI software lies in the lack of authentication for critical functions. This allows attackers to bypass security restrictions and write arbitrary files.

The vulnerability of the Rockwell Automation FactoryTalk View SE human-machine interface control software is related to the lack of authentication for critical functions. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and write arbitrary files...

CVE-2025-5906

A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This affects an unknown part of the file /data/. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be use...

eGauge EG3000 Energy Monitor 访问控制错误漏洞

The eGauge EG3000 Energy Monitor is an energy monitor from eGauge, Inc. An access control error vulnerability exists in eGauge EG3000 Energy Monitor version 3.6.3, which stems from a lack of authentication...

PT-2025-24427 · Lucky · Lucky Lm-520-Fsc +2

Name of the Vulnerable Software and Affected Versions: Lucky LM-520-SC, LM-520-FSC and LM-520-FSC-SAM up to 20250321 Description: A vulnerability classified as problematic was found in the affected devices, leading to missing authentication. The manipulation can be launched remotely, and the...

CVE-2025-2407

Missing Authentication & Authorization in Web-API in Mobatime AMX MTAPI v6 on IIS allows adversaries to unrestricted access via the network. The vulnerability is fixed in Version 1.5...

The vulnerability of Nomad application orchestrators, related to the lack of authorization, allows attackers to gain unauthorized access to protected information.

The vulnerability of Nomad application orchestrators is related to the lack of authentication. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

CVE-2024-20391

A vulnerability in the Network Access Manager NAM module of Cisco Secure Client could allow an unauthenticated attacker with physical access to an affected device to elevate privileges to SYSTEM. This vulnerability is due to a lack of authentication on a specific function. A successful exploit...

CVE-2024-9866

The Event Tickets with Ticket Scanner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'data' parameters in all versions up to, and including, 2.4.4 due to insufficient input sanitization and output escaping and missing authorization on the functionality to manage tickets...

CVE-2023-0116

The reminder module lacks an authentication mechanism for broadcasts received. Successful exploitation of this vulnerability may affect availability...

CVE-2023-27256

Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of sensitive log files by unauthenticated attackers...

CVE-2023-27259

Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student and teacher data by unauthenticated attackers...

Checkmk 安全漏洞

Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk version 2.4.0 that originates from accessing agent deployment files containing sensitive information without authentication...

The vulnerability of the SSH protocol implementation in the Erlang/OTP library lies in the lack of authentication checks for a critical function, allowing attackers to execute arbitrary code.

The vulnerability of the SSH protocol implementation in the Erlang/OTP library set is related to the lack of authentication checks for a critical function. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code by sending specially crafted SSH packets...

CVE-2025-31381 WordPress Booking Calendar and Notification plugin <= 4.0.3 - Broken Authentication vulnerability

Missing Authorization vulnerability in shiptrack Booking Calendar and Notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking Calendar and Notification: from n/a through 4.0.3...

The vulnerability of the monitoring and control application for SAP Just In Time lies in the lack of authorization, which allows a perpetrator to compromise the integrity of the protected information.

The vulnerability of the monitoring and control application for SAP Just In Time is related to the absence of authentication. Exploiting this vulnerability allows a malicious actor to remotely influence the integrity of the protected information...

IBM UrbanCode Deploy（IBM UCD）和IBM DevOps Deploy 安全漏洞

IBM UrbanCode Deploy IBM UCD and IBM DevOps Deploy are both products of International Business Machines IBM.IBM UrbanCode Deploy is a suite of application automation deployment tools. The tool is based on an application deployment automation management information model, and through remote agent...