855 matches found
CVE-2025-53191
CVE-2025-53191 entry is rejected/not used and does not represent an active vulnerability.
CVE-2025-53191
...
PT-2025-32568
Name of the Vulnerable Software and Affected Versions: ABB Aspect affected versions not specified Description: A missing authentication issue exists for a critical function in ABB Aspect. This allows unauthorized access to sensitive functionality. Recommendations: At the moment, there is no...
PT-2025-32195 · Aomei · Aomei Cyber Backup
Name of the Vulnerable Software and Affected Versions: AOMEI Cyber Backup affected versions not specified Description: AOMEI Cyber Backup suffers from a missing authentication flaw for a critical function, potentially leading to remote code execution. Recommendations: At the moment, there is no...
The vulnerability of the mcp dev tool for testing and debugging MCP servers, MCP Inspector, allows a attacker to perform a CSRF attack.
The vulnerability of the mcp dev tool for testing and debugging MCP servers, MCP Inspector, is related to the lack of authentication for the critical function. Exploiting this vulnerability allows a remote attacker to perform a CSRF attack...
PT-2025-31383 · Suse · Suse Manager Server Module 4.3 +4
Name of the Vulnerable Software and Affected Versions: SUSE Manager versions prior to 0.3.7-150600.3.6.2 SUSE Manager versions prior to 5.0.14-150600.4.17.1 Image SLES15-SP4-Manager-Server-4-3-BYOS versions prior to 4.3.33-150400.3.55.2 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure versions prio...
The vulnerability of Trend Micro Worry-Free Business Security (WFBS) and Worry-Free Business Security Services (WFBSS) lies in the lack of authentication for a critical function, allowing attackers to gain full control over the application.
The vulnerability of Trend Micro Worry-Free Business Security WFBS and Worry-Free Business Security Services WFBSS lies in the lack of authentication for a critical function. Exploiting this vulnerability can allow an attacker, operating remotely, to gain full control over the application...
CVE-2025-48733 DuraComm DP-10iN-100-MU Missing Authentication for Critical Function
DuraComm SPM-500 DP-10iN-100-MU lacks access controls for a function that should require user authentication. This could allow an attacker to repeatedly reboot the device...
Missing Authentication for Critical Function
Overview MoneyPrinterTurbo is a Simply provide a topic or keyword for a video, and it will automatically generate the video copy, video materials, video subtitles, and video background music before synthesizing a high-definition short video.. Affected versions of this package are vulnerable to...
Missing Authentication for Critical Function
Overview github.com/mattermost/mattermost/server/channels/app is a private-cloud Slack alternative Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the deduplicateCreatePost method. An attacker can access posts in private channels without proper...
CVE-2025-7031
Missing Authentication for Critical Function vulnerability in Drupal Config Pages Viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Config Pages Viewer: from 0.0.0 before 1.0.4...
Epson Web Installer for Mac vulnerable to missing authentication for critical function
Overview Epson Web Installer for Mac provided by SEIKO EPSON CORPORATION contains a missing authentication for critical function vulnerability. Epson Web Installer for Mac provided by SEIKO EPSON CORPORATION is used to install drivers for SEIKO EPSON's products. It contains "helper tool" and...
The vulnerability of the GFIAgent service, a software-based network filtering solution from Kerio Control, allows attackers to bypass existing security mechanisms.
The vulnerability of the GFIAgent software, a network filtering tool from Kerio Control, is related to the lack of authentication for a critical function. Exploiting this vulnerability allows an attacker to bypass existing security mechanisms by sending specially crafted HTTP requests...
Missing Authentication for Critical Function
Overview xinference is a Xorbits InferenceXinference is a powerful and versatile library designed to serve language, speech recognition, and multimodal models. With Xorbits Inference, you can effortlessly deploy and serve your or state-of-the-art built-in models using just a single command. Wheth...
CVE-2025-3699
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation G-50 all versions, G-50-W all versions, G-50A all versions, GB-50 all versions, GB-50A all versions, GB-24A all versions, G-150AD all versions, AG-150A-A all versions, AG-150A-J all versions, GB-50AD all...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the rekey process. An attacker can disrupt critical security operations by sending unauthenticated requests to cancel root rekey and recovery rekey operations. This can result in denial o...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the rekey process. An attacker can disrupt critical security operations by sending unauthenticated requests to cancel root rekey and recovery rekey operations. This can result in denial o...
CVE-2025-3090
An unauthenticated remote attacker can obtain limited sensitive information and/or DoS the device due to missing authentication for critical function...
CVE-2025-3090
An unauthenticated remote attacker can obtain limited sensitive information and/or DoS the device due to missing authentication for critical function...
The vulnerability of the software for configuring and setting up devices of the Universal Relay (UR) series, GE Vernova Enervista UR Setup, stems from the lack of authenticity verification for a critical function. This allows attackers to carry out “man-in-the-middle” type attacks.
The vulnerability of the software for configuring and setting up Universal Relay UR devices from GE Vernova Enervista UR Setup is related to the lack of authenticity verification for a critical function. Exploiting this vulnerability allows an attacker who operates remotely to carry out...