849 matches found
CVE-2025-13483 Missing Authentication for Critical Function in SiRcom SMART Alert (SiSA)
SiRcom SMART Alert SiSA allows unauthorized access to backend APIs. This allows an unauthenticated attacker to bypass the login screen using browser developer tools, gaining access to restricted parts of the application...
CVE-2025-13483
SiRcom SMART Alert (SiSA) is affected by a Missing Authentication vulnerability that lets an unauthenticated attacker access backend APIs and bypass the login screen via browser developer tools, gaining access to restricted parts of the application. The CVE-2025-13483 entry notes a high-severity ...
Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability
Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attackers to take over Identity Manager...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to the lack of multi-factor authentication enforcement in WebSocket connections. An attacker can gain unauthorized access to sensitive information by establishing a WebSocket connection...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to the lack of multi-factor authentication enforcement in WebSocket connections. An attacker can gain unauthorized access to sensitive information by establishing a WebSocket connection...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the MSTeams plugin OAuth flow. An attacker can modify arbitrary posts by sending a crafted OAuth redirect URL. Remediation Upgrade github.com/mattermost/mattermost/server/channels/api4 to...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the MSTeams plugin OAuth flow. An attacker can modify arbitrary posts by sending a crafted OAuth redirect URL. Remediation Upgrade...
Missing Authentication for Critical Function
Overview github.com/mattermost/mattermost/server/channels/app is a private-cloud Slack alternative Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the MSTeams plugin OAuth flow. An attacker can modify arbitrary posts by sending a crafted OAuth...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the MSTeams plugin OAuth flow. An attacker can modify arbitrary posts by sending a crafted OAuth redirect URL. Remediation Upgrade...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the MSTeams plugin OAuth flow. An attacker can modify arbitrary posts by sending a crafted OAuth redirect URL. Remediation Upgrade...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the MSTeams plugin OAuth flow. An attacker can modify arbitrary posts by sending a crafted OAuth redirect URL. Remediation Upgrade github.com/mattermost/mattermost/server/public/model to...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the MSTeams plugin OAuth flow. An attacker can modify arbitrary posts by sending a crafted OAuth redirect URL. Remediation Upgrade github.com/mattermost/mattermost/server/channels/web to...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the MSTeams plugin OAuth flow. An attacker can modify arbitrary posts by sending a crafted OAuth redirect URL. Remediation Upgrade github.com/mattermost/mattermost/server/channels/store t...
Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp
CVE-2025-3243...
CVE-2025-47357 Missing Authentication for Critical Function in SMSS
Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions...
CVE-2025-47357
CVE-2025-47357 describes an information-disclosure vulnerability in Qualcomm chipsets where a user-level driver can perform QFPROM read or write operations on fuse regions. The root cause is consistently described as an access-control/authorization issue that allows local (user-level) operations ...
Exploit for Missing Authentication for Critical Function in Oracle Marketing
⚠️ CVE‑2025‑53072 & CVE‑2025‑62481 Critical Vulnerabilities...
Siemens SIMATIC ET 200SP Communication Processors Missing Authentication For Critical Function (CVE-2025-40771)
Affected devices do not properly authenticate configuration connections. This could allow an unauthenticated remote attacker to access the configuration data. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900...
CVE-2025-43994
Dell Storage Center - Dell Storage Manager, versions DSM 20.1.21, contains a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the /api/v1/secret, and /api/v1/service endpoints. An attacker can retrieve sensitive cluster information by sending unauthenticated requests directly to exposed API paths. Workaround Thi...