854 matches found
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via improper path normalization in the whitelist logic. An attacker can gain unauthorized access to protected API endpoints by sending crafted requests that bypass authentication checks. This...
Exploit for Missing Authentication for Critical Function in Jetbrains Teamcity
Bash Command Examples Batch Scanning python teamcit...
CVE-2025-15026
Missing Authentication for Critical Function vulnerability in Centreon Infra Monitoring centreon-awie Awie import module allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.3, from 24.04.0...
CVE-2025-15026
CVE-2025-15026 affects Centreon Infra Monitoring, specifically the centreon-awie (Awie import module). The root cause is a missing authentication check for a critical function, allowing access to functionality not properly constrained by ACLs. Affected versions are: 25.10.0–25.10.1 (before 25.10....
EUVD-2026-0848
Missing Authentication for Critical Function vulnerability in Centreon Infra Monitoring centreon-awie Awie import module allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.3, from 24.04.0...
CVE-2025-66377
Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker who already has access to execute code on one node within a Pexip Infinity installation to impact the operation of other nodes within the installation...
Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp
cve...
EUVD-2025-205373
Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker who already has access to execute code on one node within a Pexip Infinity installation to impact the operation of other nodes within the installation...
CVE-2025-66377
Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker who already has access to execute code on one node within a Pexip Infinity installation to impact the operation of other nodes within the installation...
CVE-2025-12049
Missing Authentication for Critical Function vulnerability in Sharp Display Solutions Media Player MP-01 All Verisons allows a attacker may access to the web interface of the affected product without authentication and change settings or perform other operations, and deliver content from the...
CVE-2025-12049
Missing Authentication for Critical Function vulnerability in Sharp Display Solutions Media Player MP-01 All Verisons allows a attacker may access to the web interface of the affected product without authentication and change settings or perform other operations, and deliver content from the...
CVE-2025-12049
CVE-2025-12049 affects Sharp Display Solutions Media Player MP-01. The connected documents identify a Missing Authentication for Critical Function (CWE-306) vulnerability that allows an attacker to access the device’s web interface without authentication, change settings or perform other operatio...
EUVD-2025-204698
Missing Authentication for Critical Function vulnerability in Sharp Display Solutions Media Player MP-01 All Verisons allows a attacker may access to the web interface of the affected product without authentication and change settings or perform other operations, and deliver content from the...
Siemens LOGO! 8 BM Devices Buffer Copy Without Checking Size of Input (CVE-2025-40815)
A vulnerability has been identified in - LOGO! 12/24RCE 6ED1052-1MD08-0BA2 All versions - LOGO! 12/24RCEo 6ED1052-2MD08-0BA2 All versions - LOGO! 230RCE 6ED1052-1FB08-0BA2 All versions - LOGO! 230RCEo 6ED1052-2FB08-0BA2 All versions - LOGO! 24CE 6ED1052-1CC08-0BA2 All versions - LOGO! 24CEo...
Siemens LOGO! 8 BM Devices Buffer Copy Without Checking Size of Input (CVE-2025-40815)
A vulnerability has been identified in - LOGO! 12/24RCE 6ED1052-1MD08-0BA2 All versions - LOGO! 12/24RCEo 6ED1052-2MD08-0BA2 All versions - LOGO! 230RCE 6ED1052-1FB08-0BA2 All versions - LOGO! 230RCEo 6ED1052-2FB08-0BA2 All versions - LOGO! 24CE 6ED1052-1CC08-0BA2 All versions - LOGO! 24CEo...
Missing Authentication for Critical Function
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the /api/config endpoint. An attacker can access sensitive system configuration data by sending unauthenticated GET requests to this endpoint. Remediation Ther...
Exploit for Missing Authentication for Critical Function in Langflow
Langflow RCE Exploit - CVE-2025-3248 ⚠️ Disclaimer...
CVE-2025-59516
Missing authentication for critical function in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally...
EUVD-2025-202233
Missing authentication for critical function in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally...
EUVD-2025-201167
Missing authentication for critical function vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...