CVE-2024-47912

The CVE-2024-47912 affects Mitel MiCollab’s AWV Conferencing component. Versions before 9.8 SP1 FP2 (9.8.1.201) are vulnerable to an unauthenticated data-access attack due to missing authentication mechanisms, allowing an attacker to access and delete sensitive information. Red Hat and other sour...

CVE-2024-49399

CVE-2024-49399 affects Elvaco M-Bus Metering Gateway CMe3100 (version 1.12.1). The Red Hat/NVD/CISA-related entries describe a Missing Authentication for Critical Function: an attacker can issue commands without a password, potentially leaking information. Public documents identify the device as ...

CVE-2024-45276

An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication...

CVE-2024-45274

An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication...

CVE-2024-45274

An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication...

CVE-2024-45276

An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication...

CVE-2024-45276 MB connect line/Helmholz: tmp directory exposed via webservice

An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication...

CVE-2024-45276

Summary: CVE-2024-45276 permits an unauthenticated remote attacker to read files in the "/tmp" directory due to missing authentication. Connected sources identify affected hardware as Helmholz MB connect line / REX100 wireless router, with public records noting versions prior to 2.3.1 are impacte...

CVE-2024-45276 MB connect line/Helmholz: tmp directory exposed via webservice

An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication...

CVE-2024-45274 MB connect line/Helmholz: Remote code execution via confnet service

An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication...

CVE-2024-45274

CVE-2024-45274 affects Helmholz REX100 and MBConnectline/mbNET.mini routers. Public data cites pre‑patch unauthenticated OS command execution via UDP on the confnet service, caused by missing authentication. Reported affected versions include REX100 < 2.3.3 (fixed in 2.3.3) and MBConnectline/m...

CVE-2024-45274 MB connect line/Helmholz: Remote code execution via confnet service

An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication...

CVE-2024-9984 Ragic Enterprise Cloud Database - Missing Authentication

Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user's session cookie...

CVE-2024-8530

CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause exposure of private data when an already generated “logcaptures” archive is accessed directly by HTTPS...

CVE-2024-8530

CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause exposure of private data when an already generated “logcaptures” archive is accessed directly by HTTPS...

CVE-2024-8530

CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause exposure of private data when an already generated “logcaptures” archive is accessed directly by HTTPS...

CVE-2024-8530

Schneider Electric Data Center Expert suffers a Missing Authentication for Critical Function (CWE-306) vulnerability that could disclose private data when a pre-generated logcaptures archive is accessed via HTTPS. Affected: Data Center Expert (versions up to 8.1.1.3 and prior). Root cause: lack o...

CVE-2024-43488

Missing authentication for critical function in Visual Studio Code extension for Arduino allows an unauthenticated attacker to perform remote code execution through network attack vector...

CVE-2024-43488

Missing authentication for critical function in Visual Studio Code extension for Arduino allows an unauthenticated attacker to perform remote code execution through network attack vector...

Visual Studio Code extension for Arduino Remote Code Execution Vulnerability

Missing authentication for critical function in Visual Studio Code extension for Arduino allows an unauthenticated attacker to perform remote code execution through network attack vector...