CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

849 matches found

BDU FSTEC•added 2023/11/02 12:0 a.m.•5 views

The vulnerability of the microprogrammed software of the programmable logic controller LS ELECTRIC XBC-DN32U lies in the lack of authentication for a critical function. This allows attackers to escalate their privileges and gain control over the device.

The vulnerability of the microprogrammed logic controller LS ELECTRIC XBC-DN32U lies in the absence of authentication for a critical function. Exploiting this vulnerability allows an attacker to enhance their privileges and gain control over the device...

10CVSS7.8AI score0.00708EPSS

Exploits0References2Affected Software1

BDU FSTEC•added 2023/11/02 12:0 a.m.•2 views

The vulnerability of the Kavita Kavitareader software for reading e-books in the Kavita format lies in the lack of authentication for a critical function. This allows attackers to influence the confidentiality and integrity of the protected information.

The vulnerability of the Kavita Kavitareader software for reading e-books in the Kavita format is related to the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker to influence the confidentiality and integrity of the protected information...

8.5CVSS5.5AI score0.00484EPSS

Exploits1References3Affected Software1

GithubExploit•added 2023/11/01 9:31 a.m.•632 views

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

Vulnerability Details fofa： title="BIG-IP" || i...

9.8CVSS9.6AI score0.96515EPSS

Exploits17

BDU FSTEC•added 2023/10/12 12:0 a.m.•2 views

The vulnerability of the software implementation of the GTP protocol (GPRS Tunneling Protocol) for Open5GS mobile communication networks lies in the lack of authentication for a critical function, allowing attackers to access confidential information.

The vulnerability of the software implementation of the GTP protocol GPRS Tunneling Protocol for mobile communication networks based on Open5GS is related to the absence of authentication for the critical function. Exploiting this vulnerability can allow a malicious actor to gain access to...

7.8CVSS7.2AI score0.00427EPSS

Exploits0References2Affected Software1

Veracode•added 2023/09/28 5:55 a.m.•14 views

Missing Authentication For Critical Function

github.com/cilium/cilium is vulnerable to Missing Authentication. The vulnerability is due to the ValidateCNP function in validator.go which lacks checks for a policy with any malicious or incorrectly match configurations, allowing an attacker to create policies that bypass namespace restrictions...

8.1CVSS6.7AI score0.00408EPSS

Exploits0References6Affected Software1

ATTACKERKB•added 2023/09/27 3:18 p.m.•32 views

CVE-2023-36851

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauthoperation.php that doesn't require authentication, an...

5.3CVSS6.4AI score0.011EPSS

In wildExploits0References2Affected Software1

OSV•added 2023/09/14 9:15 a.m.•2 views

CVE-2023-4516

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update Service that could allow a local attacker to change update source, potentially leading to remote code execution when the attacker force an update containing malicious content...

7.8CVSS5.9AI score0.00173EPSS

Exploits0References1

NVD•added 2023/09/14 9:15 a.m.•18 views

CVE-2023-4516

7.8CVSS7.5AI score0.00173EPSS

Exploits0References1

Prion•added 2023/09/14 9:15 a.m.•12 views

Authentication flaw

4.3CVSS7.5AI score0.00173EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/09/14 8:54 a.m.•5 views

CVE-2023-4516

7.8CVSS7.5AI score0.00173EPSS

Exploits0References1

OSV•added 2023/09/07 9:30 a.m.•15 views

GHSA-PJ2H-85JQ-G5VG Answer Missing Authentication for Critical Function