858 matches found

CVE
added 2024/11/20 12:0 p.m. · 44 views

CVE-2024-52437

CVE-2024-52437 affects the WordPress plugin Banner System (versions ≤ 1.0.0). It is a Missing Authentication for Critical Function vulnerability that allows Privilege Escalation. Public details identify the affected version range and the privilege-escalation impact; multiple sources (Wordfence I...

CVSS 8.8 · AI score 7.2 · EPSS 0.00484
Exploits: 0 · References: 1
CVE
added 2024/11/20 11:59 a.m. · 46 views

CVE-2024-52438

CVE-2024-52438 corresponds to a Missing Authentication for Critical Function vulnerability in the WordPress plugin de:branding (versions up to 1.0.2). The issue allows Privilege Escalation and affects the plugin as deployed (de:branding: from n/a through 1.0.2). Across connected sources, the vuln...

CVSS 8.8 · AI score 7.2 · EPSS 0.00484
Exploits: 0 · References: 1
Positive Technologies
added 2024/11/20 12:0 a.m. · 3 views

PT-2024-35278 · Unknown · De:Branding

Name of the Vulnerable Software and Affected Versions: de:branding versions 1.0.2 and earlier Description: The issue is related to a Missing Authentication for Critical Function vulnerability in de:branding, which allows Privilege Escalation. Recommendations: For versions 1.0.2 and earlier, updat...

CVSS 8.8 · AI score 9.4 · EPSS 0.00484
Exploits: 0 · References: 6
BDU FSTEC
added 2024/11/20 12:0 a.m. · 2 views

The vulnerability of CODESYS V3 firmware for WAGO controllers allows a hacker to gain full access to the controller or cause a service failure.

The vulnerability of CODESYS V3 firmware for WAGO controllers is related to the absence of authentication for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to gain full access to the controller or cause service failures...

CVSS 9 · AI score 5.5 · EPSS 0.00484
Exploits: 0 · References: 2 · Affected Software: 2
GithubExploit
added 2024/11/19 11:30 a.m. · 358 views

Exploit for Missing Authentication for Critical Function in Paloaltonetworks Pan-Os

CVSS 9.8 · AI score 7.3 · EPSS 0.99698
Exploits: 18
ATTACKERKB
added 2024/11/12 3:15 p.m. · 4 views

CVE-2024-8074

Missing Authentication for Critical Function, Missing Authorization vulnerability in Nomysoft Informatics Nomysem allows Collect Data as Provided by Users. This issue affects Nomysem: before 13.10.2024...

CVSS 9.3 · AI score 5.8 · EPSS 0.00388
Exploits: 0 · References: 3
Tenable Nessus
added 2024/11/12 12:0 a.m. · 20 views

Fortinet Fortigate - Improper authentication in fgfmd (FG-IR-24-032)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-032 advisory. - A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4,...

CVSS 9.8 · AI score 6 · EPSS 0.00589
Exploits: 0 · References: 2
BDU FSTEC
added 2024/11/11 12:0 a.m. · 2 views

The vulnerability of the Schneider Electric Data Center Expert software monitoring tool for equipment information lies in the lack of authentication for a critical function, allowing attackers to gain access to confidential information.

The vulnerability of the Schneider Electric Data Center Expert monitoring software relates to the absence of authentication for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to confidential information...

CVSS 5.9 · AI score 6.2 · EPSS 0.0054
Exploits: 0 · References: 7 · Affected Software: 1
BDU FSTEC
added 2024/10/28 12:0 a.m. · 3 views

The vulnerability of the Connector/Python driver component of MySQL Connectors in the Oracle MySQL database management system allows a hacker to gain full control over the application.

The vulnerability of the Connector/Python driver component of MySQL Connectors in the Oracle MySQL database management system is related to the lack of authentication for the critical function. Exploiting this vulnerability allows a malicious actor to gain full control over the application using...

CVSS 7.5 · AI score 7.7 · EPSS 0.00517
Exploits: 0 · References: 4 · Affected Software: 2
BDU FSTEC
added 2024/10/21 12:0 a.m. · 4 views

The vulnerability of the Advantech ADAM-5630 programmable logic controller (PLC) software lies in the lack of authentication for a critical function. This allows an intruder to execute arbitrary commands and cause malfunctions in the device’s operation.

The vulnerability of the Advantech ADAM-5630 programmable logic controller (PLC) software is related to the absence of authentication for the critical function. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands and cause malfunctions in the system...

CVSS 6.8 · AI score 5.9 · EPSS 0.00206
Exploits: 0 · References: 3 · Affected Software: 1
BDU FSTEC
added 2024/10/18 12:0 a.m. · 3 views

The vulnerability of the Visual Studio Code extension for Arduino, a code editor for Visual Studio Code, arises from the lack of authentication for a critical function. This allows a hacker to execute arbitrary code.

The vulnerability of the Visual Studio Code extension for Arduino code editor involves a lack of authentication for a critical function. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

CVSS 10 · AI score 6.3 · EPSS 0.01132
Exploits: 0 · References: 5 · Affected Software: 1
Cvelist
added 2024/10/14 8:9 a.m. · 28 views

CVE-2024-9137 Moxa Service Missing Authentication for Critical Function

The affected product lacks an authentication check when sending commands to the server via the Moxa service. This vulnerability allows an attacker to execute specified commands, potentially leading to unauthorized downloads or uploads of configuration files and system compromise...

CVSS 9.4 · EPSS 0.00504
Exploits: 0 · References: 2
Vulnrichment
added 2024/10/11 1:55 p.m. · 8 views

CVE-2024-8530

CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause exposure of private data when an already generated “logcaptures” archive is accessed directly by HTTPS...

CVSS 5.9 · AI score 7 · EPSS 0.0054
Exploits: 0 · References: 1
CVE
added 2024/10/11 1:55 p.m. · 39 views

CVE-2024-8530

Schneider Electric Data Center Expert suffers a Missing Authentication for Critical Function (CWE-306) vulnerability that could disclose private data when a pre-generated logcaptures archive is accessed via HTTPS. Affected: Data Center Expert (versions up to 8.1.1.3 and prior). Root cause: lack o...

CVSS 5.9 · AI score 5.9 · EPSS 0.0054
Exploits: 0 · References: 1
Cvelist
added 2024/10/11 1:55 p.m. · 14 views

CVE-2024-8530

CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause exposure of private data when an already generated “logcaptures” archive is accessed directly by HTTPS...

CVSS 5.9 · EPSS 0.0054
Exploits: 0 · References: 1
ICS
added 2024/10/03 6:0 a.m. · 30 views

TEM Opera Plus FM Family Transmitter

1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: TEM Equipment: Opera Plus FM Family Transmitter Vulnerabilities: Missing Authentication for Critical Function, Cross-Site Request Forgery (CSRF) 2. RISK...

CVSS 9.3 · AI score 8.5 · EPSS 0.00594
Exploits: 2 · References: 10
NVD
added 2024/10/02 10:15 a.m. · 7 views

CVE-2024-35293

An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS...

CVSS 9.1 · EPSS 0.006
Exploits: 0 · References: 1
Vulnrichment
added 2024/10/02 9:51 a.m. · 4 views

CVE-2024-35293 Schneider Elektronik Series 700 prone to missing authentication for critical reset function

An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS...

CVSS 9.1 · AI score 7.4 · EPSS 0.006
Exploits: 0 · References: 1
Cvelist
added 2024/10/02 9:51 a.m. · 17 views

CVE-2024-35293 Schneider Elektronik Series 700 prone to missing authentication for critical reset function

An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS...

CVSS 9.1 · EPSS 0.006
Exploits: 0 · References: 1
Positive Technologies
added 2024/10/02 12:0 a.m. · 2 views

PT-2024-26419 · Schneider Elektronik · Series 700

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices, resulti...

CVSS 9.1 · AI score 7.4 · EPSS 0.006
Exploits: 0 · References: 10