PT-2024-14787 · Synology · Synology Active Backup For Business Agent

Name of the Vulnerable Software and Affected Versions: Synology Active Backup for Business Agent versions prior to 2.7.0-3221 Description: The issue involves missing authentication for a critical function in the proxy settings functionality, allowing local users to obtain user credentials via...

OMNTEC Proteus Tank Monitoring (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : OMNTEC Mfg., Inc. Equipment : Proteus Tank Monitoring Vulnerability : Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability allow an...

OPW Fuel Management Systems SiteSentinel

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : OPW Fuel Managements Systems Equipment : SiteSentinel Vulnerability : Missing Authentication For Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Missing Authentication For Critical Function

Mautic is vulnerable to Missing Authentication for Critical Function. The vulnerability is due to insufficient protection of the upgrade script, which could lead to exploitation if Mautic is installed in a specific, vulnerable configuration...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to insufficient authentication in the upgrade flow. An attacker can bypass access restrictions and perform unauthorized actions by exploiting the unprotected upgrade logic. Remediation...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to insufficient authentication in the upgrade flow. An attacker can bypass access restrictions and perform unauthorized actions by exploiting the unprotected upgrade logic. Remediation...

CVE-2024-6406

Missing Authentication for Critical Function, Missing Authorization vulnerability in Yordam Information Technology Mobile Library Application allows Retrieve Embedded Sensitive Data. This issue affects Mobile Library Application: before 5.0...

VulnCheck KEV: CVE-2023-28461

Array Networks AG and vxAG ArrayOS contain a missing authentication for critical function vulnerability that allows an attacker to read local files and execute code on the SSL VPN gateway...

The vulnerability of the software platforms for developing and managing Magento Open Source and Adobe Commerce online stores lies in the lack of authentication procedures, which allow attackers to bypass security restrictions.

The vulnerability of the Magento Open Source and Adobe Commerce software platforms for developing and managing online stores is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions from a remote location...

CVE-2024-8321

Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to isolate managed devices from the network...

CVE-2024-8321

Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to isolate managed devices from the network...

CVE-2024-8321

CVE-2024-8321 affects Ivanti Endpoint Manager (EPM) and involves missing authentication in Network Isolation, enabling a remote unauthenticated attacker to isolate managed devices from the network. Public references cite the vulnerability as present in EPM before 2022 SU6 and/or the 2024 Septembe...

CVE-2024-8321

Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to isolate managed devices from the network...

CVE-2023-37226

Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function...

CVE-2023-37226

Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function...

CVE-2023-37226

Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function...

Loftware Spectrum 安全漏洞

Loftware Spectrum is an enterprise label printing solution from Loftware, a comprehensive, cloud-based label printing platform for companies of all sizes. A security vulnerability exists in Loftware Spectrum prior to version 4.6 that stems from HF14 missing authentication for critical functions...

CVE-2023-37226

Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function...

PT-2024-12594 · Loftware · Loftware Spectrum

Name of the Vulnerable Software and Affected Versions: Loftware Spectrum versions prior to 4.6 HF14 Description: The issue is related to Missing Authentication for a Critical Function. There is no information provided about the estimated number of potentially affected devices worldwide or...

CVE-2024-7015

Missing Authentication for Critical Function vulnerability in Profelis Informatics and Consulting PassBox allows Authentication Abuse.This issue affects PassBox: before v1.2...