CVE-2025-5192

A missing authentication for critical function vulnerability in the client application of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to bypass authentication and access application functions...

CVE-2025-5192

A missing authentication for critical function vulnerability in the client application of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to bypass authentication and access application functions...

CVE-2025-5192

Affected software: Soar Cloud HRD Human Resource Management System (client application) up to version 7.3.2025.0408. Vulnerability: Missing authentication for a critical function, allowing remote attackers to bypass authentication and access application functions. Root cause / details: Described ...

The vulnerability of the JetBrains YouTrack project and task management software, related to the lack of authentication for a critical function, allows attackers to gain unauthorized access to protected information.

The vulnerability of the JetBrains YouTrack project and task management software lies in the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

CVE-2025-1907 Instantel Micromate Missing Authentication for Critical Function

Instantel Micromate lacks authentication on a configuration port which could allow an attacker to execute commands if connected...

CVE-2025-41651

Due to missing authentication on a critical function of the devices an unauthenticated remote attacker can execute arbitrary commands, potentially enabling unauthorized upload or download of configuration files and leading to full system compromise...

CVE-2025-48746

Netwrix Directory Manager formerly Imanami GroupID v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical Function...

CVE-2025-22252

A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager version 7.2.5, and FortiOS versions 7.4.4 through 7.4.6 and version 7.6.0 may allow an attacker with knowledge of an existing admin account to access the device as a valid admin...

CVE-2025-48746

Netwrix Directory Manager formerly Imanami GroupID v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical Function...

CVE-2025-48746

Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and earlier, and post-v11.1.25134.03, lack authentication for a critical function. Root cause beyond “lack of authentication” is not detailed in the provided sources. CVSSv3.1 base score 6.5 (NETWORK, LOW confidentiality/integrity imp...

CVE-2024-43272

Missing Authentication for Critical Function vulnerability in icegram Icegram allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Icegram: from n/a through 3.1.24...

CVE-2024-8530

CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause exposure of private data when an already generated “logcaptures” archive is accessed directly by HTTPS...

CVE-2024-38643

A missing authentication for critical function vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow remote attackers to gain access to and execute certain functions. We have already fixed the vulnerability in the following version: Notes Station 3...

CVE-2023-22441

Missing authentication for critical function exists in Seiko Solutions SkyBridge series, which may allow a remote attacker to obtain or alter the setting information of the product or execute some critical functions without authentication, e.g., rebooting the product. Affected products and versio...

CVE-2023-1837

Missing Authentication for critical function vulnerability in HYPR Server allows Authentication Bypass when using Legacy APIs.This issue affects HYPR Server: before 8.0 with enabled Legacy APIs...

CVE-2023-37226

Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function...

CVE-2023-23453

Missing Authentication for Critical Function in SICK FX0-GENT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously crafted RK512 commands to the listener on TCP port 9000...

CVE-2023-23906

Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to execute some critical functions without authentication, e.g., rebooting the product...

CVE-2023-27980

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow the creation of a malicious report file in the IGSS project report directory, this could lead to remote code execution when a victim eventually opens the report. Affected...

CVE-2022-30317

Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0055, there is a Honeywell Experion LX Control Data Access CDA EpicMo protocol with unauthenticated functionality issue. The affected components are characterized as: Honeywell...