CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

855 matches found

NVD•added 2023/11/16 8:15 a.m.•18 views

CVE-2023-47674

Missing authentication for critical function vulnerability in First Corporation's DVRs allows a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided only for Late model of CFR-4EABC, CFR-4EAB, CFR-8EAB, CFR-16EAB...

9.8CVSS0.01264EPSS

Exploits0References3

Cvelist•added 2023/11/16 7:28 a.m.•27 views

CVE-2023-47674

9.7AI score0.01264EPSS

Exploits0References3

Vulnrichment•added 2023/11/16 7:28 a.m.•4 views

CVE-2023-47674

7.3AI score0.01264EPSS

Exploits0References3

CISA KEV Catalog•added 2023/11/13 12:0 a.m.•20 views

Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability

Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauthoperation.php that doesn't require authentication, an...

5.3CVSS7.8AI score0.011EPSS

In wildExploits0

CISA KEV Catalog•added 2023/11/13 12:0 a.m.•24 views

Juniper Junos OS EX Series Missing Authentication for Critical Function Vulnerability

Juniper Junos OS on EX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to installAppPackage.php that doesn't require authentication, an...

5.3CVSS7.8AI score0.84692EPSS

In wildExploits2

CISA KEV Catalog•added 2023/11/13 12:0 a.m.•36 views

Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability

Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to user.php that doesn't require authentication, an attacker is...

5.3CVSS7.8AI score0.94205EPSS

In wildExploits4

BDU FSTEC•added 2023/11/02 12:0 a.m.•6 views

The vulnerability of the microprogrammed software of the programmable logic controller LS ELECTRIC XBC-DN32U lies in the lack of authentication for a critical function. This allows attackers to escalate their privileges and gain control over the device.

The vulnerability of the microprogrammed logic controller LS ELECTRIC XBC-DN32U lies in the absence of authentication for a critical function. Exploiting this vulnerability allows an attacker to enhance their privileges and gain control over the device...

10CVSS7.8AI score0.00708EPSS

Exploits0References2Affected Software1

BDU FSTEC•added 2023/11/02 12:0 a.m.•4 views

The vulnerability of the Kavita Kavitareader software for reading e-books in the Kavita format lies in the lack of authentication for a critical function. This allows attackers to influence the confidentiality and integrity of the protected information.

The vulnerability of the Kavita Kavitareader software for reading e-books in the Kavita format is related to the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker to influence the confidentiality and integrity of the protected information...

8.5CVSS5.5AI score0.00484EPSS

Exploits1References3Affected Software1

GithubExploit•added 2023/11/01 9:31 a.m.•633 views

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

Vulnerability Details fofa： title="BIG-IP" || i...

9.8CVSS9.6AI score0.96515EPSS

Exploits17

BDU FSTEC•added 2023/10/12 12:0 a.m.•2 views

The vulnerability of the software implementation of the GTP protocol (GPRS Tunneling Protocol) for Open5GS mobile communication networks lies in the lack of authentication for a critical function, allowing attackers to access confidential information.

The vulnerability of the software implementation of the GTP protocol GPRS Tunneling Protocol for mobile communication networks based on Open5GS is related to the absence of authentication for the critical function. Exploiting this vulnerability can allow a malicious actor to gain access to...

7.8CVSS7.2AI score0.00427EPSS

Exploits0References2Affected Software1

Veracode•added 2023/09/28 5:55 a.m.•15 views

Missing Authentication For Critical Function

github.com/cilium/cilium is vulnerable to Missing Authentication. The vulnerability is due to the ValidateCNP function in validator.go which lacks checks for a policy with any malicious or incorrectly match configurations, allowing an attacker to create policies that bypass namespace restrictions...

8.1CVSS6.7AI score0.00408EPSS

Exploits0References6Affected Software1

ATTACKERKB•added 2023/09/27 3:18 p.m.•33 views

CVE-2023-36851

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauthoperation.php that doesn't require authentication, an...

5.3CVSS6.4AI score0.011EPSS

In wildExploits0References2Affected Software1

NVD•added 2023/09/14 9:15 a.m.•18 views

CVE-2023-4516

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update Service that could allow a local attacker to change update source, potentially leading to remote code execution when the attacker force an update containing malicious content...

7.8CVSS7.5AI score0.00173EPSS

Exploits0References1