2929 matches found
SAP CommonCryptoLib and abu security vulnerabilities
SAP CommonCryptoLib is a password library from SAP, a German company. A security vulnerability exists in SAP CommonCryptoLib that stems from not performing the required authentication checks, which could result in missing or incorrect authorization checks for authenticated users, leading to...
CVE-2023-4815
Missing Authentication for Critical Function in GitHub repository answerdev/answer prior to v1.1.3...
CVE-2023-4815 Missing Authentication for Critical Function in answerdev/answer
Missing Authentication for Critical Function in GitHub repository answerdev/answer prior to v1.1.3...
CVE-2023-4815 Missing Authentication for Critical Function in answerdev/answer
Missing Authentication for Critical Function in GitHub repository answerdev/answer prior to v1.1.3...
PT-2023-30712 · Answerdev · Answer
Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to v1.1.3 Description: The issue is related to missing authentication for a critical function in the GitHub repository answerdev/answer. This could potentially allow unauthorized access to sensitive data or...
CVE-2023-34392
A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run arbitrary commands on managed devices by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated...
CVE-2023-34392
A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run arbitrary commands on managed devices by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated...
Authentication flaw
A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run arbitrary commands on managed devices by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated...
CVE-2023-34392 Missing Authentication for Critical Function
A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run arbitrary commands on managed devices by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated...
Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator 访问控制错误漏洞
Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator is a freely distributed software tool from Schweitzer Engineering Laboratories, Inc. -- Grid Configurator allows engineers and technicians to quickly create, manage, and deploy settings for SEL power system equipment. A security...
PT-2023-24857 · Schweitzer Engineering Laboratories · Sel-5037 Sel Grid Configurator
Name of the Vulnerable Software and Affected Versions: Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator versions prior to 4.5.0.20 Description: A Missing Authentication for Critical Function issue could allow an attacker to run arbitrary commands on managed devices by an...
VulnCheck KEV: CVE-2023-36851
Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauthoperation.php that doesn't require authentication,...
VulnCheck KEV: CVE-2023-36847
Juniper Junos OS on EX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to installAppPackage.php that doesn't require authentication, an...
CVE-2023-38030
Saho’s attendance devices ADM100 and ADM-100FP have a vulnerability of missing authentication for critical functions. An unauthenticated remote attacker can execute system commands in partial website URLs to read sensitive device information without permissions...
CVE-2023-38030
Saho’s attendance devices ADM100 and ADM-100FP have a vulnerability of missing authentication for critical functions. An unauthenticated remote attacker can execute system commands in partial website URLs to read sensitive device information without permissions...
CVE-2023-38030 Saho ADM100&ADM-100FP - Execute Code
Saho’s attendance devices ADM100 and ADM-100FP have a vulnerability of missing authentication for critical functions. An unauthenticated remote attacker can execute system commands in partial website URLs to read sensitive device information without permissions...
CVE-2023-38422
Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. This could allow an attacker to download and export sensitive data...
CVE-2023-38422 Walchem Intuition Missing Authentication for Critical Function
Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. This could allow an attacker to download and export sensitive data...
CVE-2023-38422 Walchem Intuition Missing Authentication for Critical Function
Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. This could allow an attacker to download and export sensitive data...
CVE-2023-36847
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to installAppPackage.php that doesn't require authentication an...