849 matches found
SUSE CVE-2022-21952
A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46...
NEC PC Settings Tool vulnerable to missing authentication for critical function
Overview PC Settings Tool is an application pre-installed on computers provided by NEC by default. PC Settings Tool Library contained in the application is vulnerable to missing authentication for critical function CWE-306. Haruki Yadani of LAC Co., Ltd. reported this vulnerability to IPA...
CVE-2022-42970
A CWE-306: Missing Authentication for Critical Function The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows...
Authentication flaw
A CWE-306: Missing Authentication for Critical Function The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows...
CVE-2022-42970
Schneider Electric APC Easy UPS Online Monitoring Software (Schneider Electric/APC Easy UPS Online Monitoring Software) versions prior to V2.5-GA (Windows 7/10/11 and Windows Server 2016/2019/2022) and prior to V2.5-GA-01-22261 (Windows 11/Server 2019/2022) are affected by CVE-2022-42970 due to m...
CVE-2022-32528
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause access to manipulate and read specific files in the IGSS project report directory, potentially leading to a denial-of-service condition when an attacker sends specific messages. Affected Products: IGSS...
CVE-2023-0052 SAUTER Controls Nova 200–220 Series Missing Authentication for Critical Function
SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol FTP are the only protocols available for device management, an unauthorized user could acce...
CVE-2023-0052 SAUTER Controls Nova 200–220 Series Missing Authentication for Critical Function
SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol FTP are the only protocols available for device management, an unauthorized user could acce...
Exploit for Missing Authentication for Critical Function in Linuxfoundation Harbor
CVE-2022-46463 CVE-2022-46463POChttps://nvd.nist.gov/vuln...
CVE-2018-25075 karsany OBridge ProcedureDao.java getAllStandaloneProcedureAndFunction sql injection
A vulnerability classified as critical has been found in karsany OBridge up to 1.3. Affected is the function getAllStandaloneProcedureAndFunction of the file obridge-main/src/main/java/org/obridge/dao/ProcedureDao.java. The manipulation leads to sql injection. The complexity of an attack is rathe...
The vulnerability of the APC Easy UPS Online Monitoring Software lies in the lack of authentication for a critical function, allowing attackers to gain access to the software.
The vulnerability of the APC Easy UPS Online Monitoring Software relates to the absence of authentication for a critical function. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the software...
CVE-2022-4018
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6...
PYSEC-2022-43001
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6...
Authentication flaw
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6...
PYSEC-2022-43001
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6...
CVE-2022-4018 Missing Authentication for Critical Function in ikus060/rdiffweb
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6...
CVE-2022-4018 Missing Authentication for Critical Function in ikus060/rdiffweb
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6...
CVE-2022-4018 Missing Authentication for Critical Function in ikus060/rdiffweb
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6...
PT-2022-25260 · Rdiffweb · Rdiffweb
Name of the Vulnerable Software and Affected Versions: rdiffweb versions prior to 2.5.0a6 Description: The issue concerns a missing authentication mechanism for a critical function in the rdiffweb GitHub repository. Recommendations: For versions prior to 2.5.0a6, update to version 2.5.0a6 or late...
Rdiffweb is missing authentication for critical function
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0...