855 matches found

OSV
added 2025/04/22 4:56 p.m., 4 views

GO-2025-3620 Mattermost Missing Authentication for Critical Function in github.com/mattermost/mattermost-server

Mattermost Missing Authentication for Critical Function in github.com/mattermost/mattermost-server...

CVSS 2.7, AI score 6.9, EPSS 0.00196
Exploits: 0, References: 3
BDU FSTEC
added 2025/04/21 12:0 a.m., 13 views

The vulnerability of Prisma Access Browser lies in the lack of authentication checks for a critical function, allowing attackers to escalate their privileges.

The vulnerability of Prisma Access Browser is related to the lack of authentication checks for a critical function. Exploiting this vulnerability can allow an attacker, operating remotely, to increase their privileges...

CVSS 10, AI score 5.5, EPSS 0.00153
Exploits: 0, References: 2, Affected Software: 1
Packet Storm News
added 2025/04/14 12:0 a.m., 3 views

Can LLMs Handle WebShell Detection? Overcoming Detection Challenges with Behavioral Function-Aware Framework

WebShell attacks, in which malicious scripts are injected into web servers, are a major cybersecurity threat. Traditional machine learning and deep learning methods are hampered by issues such as the need for extensive training data, catastrophic forgetting, and poor generalization. Recently, Lar...

AI score 7.3
Exploits: 0
RedhatCVE
added 2025/04/11 8:4 p.m., 28 views

CVE-2025-3474

Missing Authentication for Critical Function vulnerability in Drupal Panels allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Panels: from 0.0.0 before 4.9.0...

CVSS 6.5, AI score 7, EPSS 0.00319
Exploits: 0, References: 3
OSV
added 2025/04/09 6:15 p.m., 1 views

CVE-2025-3474

Missing Authentication for Critical Function vulnerability in Drupal Panels allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Panels: from 0.0.0 before 4.9.0...

CVSS 6.5, AI score 5.8, EPSS 0.00319
Exploits: 0, References: 1
Vulnrichment
added 2025/04/09 9:3 a.m., 3 views

CVE-2025-29870

Missing authentication for critical function vulnerability exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, a remote unauthenticated attacker may obtain the product configuration information including authentication information...

CVSS 7.5, AI score 7.1, EPSS 0.00501
Exploits: 0, References: 2
Snyk
added 2025/04/07 2:43 p.m., 4 views

Missing Authentication for Critical Function

Overview: langflow is a Python package with a built-in web application. Affected versions of this package are vulnerable to Missing Authentication for Critical Function at the /api/v1/validate/code endpoint, which allows an attacker to execute arbitrary code by sending malicious HTTP requests...

CVSS 9.8, AI score 7.9, EPSS 0.99959
Exploits: 33, References: 2
CVE
added 2025/04/02 3:20 a.m., 53 views

CVE-2025-25060

CVE-2025-25060 affects Hammock AssetView and AssetView CLOUD with a missing authentication for a critical function (CWE-306). An unauthenticated remote attacker could obtain and/or delete files on the server running AssetView. Affected versions: AssetView prior to 13.2.0 and AssetView CLOUD prior...

CVSS 8.2, AI score 7.4, EPSS 0.00439
Exploits: 0, References: 2
RedhatCVE
added 2025/03/27 5:8 a.m., 12 views

CVE-2024-45483

A Missing Authentication for Critical Function vulnerability in the GRUB configuration used B&R APROL 4.4-01 may allow an unauthenticated physical attacker to alter the boot configuration of the operating system...

CVSS 7, AI score 7.1, EPSS 0.00214
Exploits: 0, References: 1
NVD
added 2025/03/25 5:15 a.m., 9 views

CVE-2024-45483

A Missing Authentication for Critical Function vulnerability in the GRUB configuration used B&R APROL 4.4-01 may allow an unauthenticated physical attacker to alter the boot configuration of the operating system...

CVSS 7, EPSS 0.00214
Exploits: 0, References: 1
Snyk
added 2025/03/21 9:30 a.m., 3 views

Missing Authentication for Critical Function

Overview: Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to search APIs including user search, channel search, and team search failing to enforce multifactor authentication. Remediation: Upgrade...

CVSS 6.5, AI score 7, EPSS 0.00291
Exploits: 0, References: 2
Snyk
added 2025/03/21 9:30 a.m., 2 views

Missing Authentication for Critical Function

Overview: Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to servePluginRequest failing to enforce multifactor authentication for plugins, even when MFA is meant to be enabled. Remediation: Upgrade...

CVSS 8.8, AI score 7.1, EPSS 0.00317
Exploits: 0, References: 2
Snyk
added 2025/03/21 9:30 a.m., 3 views

Missing Authentication for Critical Function

Overview: github.com/mattermost/mattermost/server/channels/app is a private-cloud Slack alternative. Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to servePluginRequest failing to enforce multifactor authentication for plugins, even when MFA is...

CVSS 8.8, AI score 7.1, EPSS 0.00317
Exploits: 0, References: 2
Snyk
added 2025/03/21 9:30 a.m., 1 views

Missing Authentication for Critical Function

Overview: Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to servePluginRequest failing to enforce multifactor authentication for plugins, even when MFA is meant to be enabled. Remediation: Upgrade...

CVSS 8.8, AI score 7.1, EPSS 0.00317
Exploits: 0, References: 2
Snyk
added 2025/03/21 9:30 a.m., 2 views

Missing Authentication for Critical Function

Overview: github.com/mattermost/mattermost/server/v8/channels/web is a platform for secure collaboration across the entire software development lifecycle. Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to servePluginRequest failing to enforce...

CVSS 8.8, AI score 7.1, EPSS 0.00317
Exploits: 0, References: 2
NVD
added 2025/03/18 11:15 a.m., 39 views

CVE-2024-23943

An unauthenticated remote attacker can gain access to the cloud API due to a lack of authentication for a critical function in the affected devices. Availability is not affected...

CVSS 9.1, EPSS 0.0056
Exploits: 0, References: 1
Vulnrichment
added 2025/03/18 11:3 a.m., 10 views

CVE-2024-23943 MB connect line: Cloud API access due to a lack of authentication for a critical function

An unauthenticated remote attacker can gain access to the cloud API due to a lack of authentication for a critical function in the affected devices. Availability is not affected...

CVSS 9.1, AI score 8, EPSS 0.0056
Exploits: 0, References: 1
CVE
added 2025/03/18 11:3 a.m., 103 views

CVE-2024-23943

CVE-2024-23943 affects MB Connect Line mbCONNECT24 devices. The root cause is a lack of authentication for a critical function, enabling unauthenticated remote attackers to access the cloud API. Vulnerable versions are mbCONNECT24 prior to 2.16.2; remediation is upgrading to 2.16.2 or later. Impa...

CVSS 9.1, AI score 9.7, EPSS 0.0056
Exploits: 0, References: 1
Zero Day Initiative
added 2025/03/13 12:0 a.m., 12 views

NVIDIA Riva gRPC API Missing Authentication for Critical Function Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of NVIDIA Riva. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rivaquickstart component. The issue results from the lack of authentication prior to...

CVSS 6.5, AI score 6.9, EPSS 0.02009
Exploits: 0, References: 1
RedhatCVE
added 2025/03/12 10:49 a.m., 6 views

CVE-2025-27256

Missing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup application allows Authentication Bypass due to a missing SSH server authentication. Since the client connection is not authenticated, an attacker may perform a man-in-the-middle attack on the network...

CVSS 8.3, AI score 6.7, EPSS 0.00266
Exploits: 0, References: 1