CVE-2022-30313

Honeywell Experion PKS Safety Manager through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0051, there is a Honeywell Experion PKS Safety Manager multiple proprietary protocols with unauthenticated functionality issue. The affected components are...

The vulnerability of GRUB, a software solution for monitoring the status of industrial systems like B&R APROL, allows an intruder to influence the confidentiality, integrity, and accessibility of protected information.

The vulnerability of GRUB, a software solution for monitoring the status of B&R APROL industrial systems, lies in the absence of authentication for a critical function. Exploiting this vulnerability could allow an intruder to influence the confidentiality, integrity, and accessibility of protecte...

CVE-2022-4018

Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6...

CVE-2022-3327

Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6...

CVE-2022-41331

A missing authentication for critical function vulnerability CWE-306 in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and MongoDB instances via crafted authentication requests...

CVE-2021-22322

There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality...

CVE-2020-5780

Missing Authentication for Critical Function in Icegram Email Subscribers & Newsletters Plugin for WordPress prior to version 4.5.6 allows a remote, unauthenticated attacker to conduct unauthenticated email forgery/spoofing...

Missing Authentication for Critical Function

Overview org.springframework.security:spring-security-core is a package that provides security services for the Spring IO Platform. Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to improperly locating method security annotations on private...

CVE-2025-32738

Missing authentication for critical function issue exists in I-O DATA network attached hard disk 'HDL-T Series' firmware Ver.1.21 and earlier. If exploited, a remote unauthenticated attacker may change the product settings...

The vulnerability of the web server of the microprogramming software for the Modbus AutomationDirect MB-Gateway allows a perpetrator to gain unauthorized access to the device.

The vulnerability of the web server of the microprogramming-based Modbus AutomationDirect MB-Gateway software lies in the absence of an authentication mechanism for a critical function. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the...

CVE-2025-32738

Missing authentication for critical function issue exists in I-O DATA network attached hard disk 'HDL-T Series' firmware Ver.1.21 and earlier. If exploited, a remote unauthenticated attacker may change the product settings...

Fortinet Fortigate TACACS+ authentication bypass (FG-IR-24-472)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-472 advisory. - A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager...

The vulnerability of microprogrammed software in PLANET Technology devices stems from the lack of authenticity verification for a critical function. This allows attackers to create accounts with root privileges.

The vulnerability of PLANET Technology’s microprogrammed software for switches is related to the lack of authenticity verification for a critical function. Exploiting this vulnerability could allow a malicious actor, operating remotely, to create a user account with root privileges...

CVE-2025-46275 Planet Technology Network Products Missing Authentication for Critical Function

WGS-80HPT-V2 and WGS-4215-8T2S are missing authentication that could allow an attacker to create an administrator account without knowing any existing credentials...

GO-2025-3620 Mattermost Missing Authentication for Critical Function in github.com/mattermost/mattermost-server

Mattermost Missing Authentication for Critical Function in github.com/mattermost/mattermost-server...

The vulnerability of Prisma Access Browser lies in the lack of authentication checks for a critical function, allowing attackers to escalate their privileges.

The vulnerability of Prisma Access Browser is related to the lack of authentication checks for a critical function. Exploiting this vulnerability can allow an attacker, operating remotely, to increase their privileges...

Can LLMs Handle WebShell Detection? Overcoming Detection Challenges with Behavioral Function-Aware Framework

WebShell attacks, in which malicious scripts are injected into web servers, are a major cybersecurity threat. Traditional machine learning and deep learning methods are hampered by issues such as the need for extensive training data, catastrophic forgetting, and poor generalization. Recently, Lar...

CVE-2025-3474

Missing Authentication for Critical Function vulnerability in Drupal Panels allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Panels: from 0.0.0 before 4.9.0...

CVE-2025-3474

Missing Authentication for Critical Function vulnerability in Drupal Panels allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Panels: from 0.0.0 before 4.9.0...

CVE-2025-29870

Missing authentication for critical function vulnerability exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, a remote unauthenticated attacker may obtain the product configuration information including authentication information...