2911 matches found
CVE-2026-1632 RISS SRL MOMA Seismic Station Missing Authentication for Critical Function
MOMA Seismic Station Version v2.4.2520 and prior exposes its web management interface without requiring authentication, which could allow an unauthenticated attacker to modify configuration settings, acquire device data or remotely reset the device...
CVE-2026-1341 Missing Authentication for Critical Function in Avation Light Engine Pro
Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control...
CVE-2026-1341 Missing Authentication for Critical Function in Avation Light Engine Pro
Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control...
CVE-2026-1341
Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control, allowing an attacker to take full control of the device. The issue, documented across multiple sources (NVD, Red Hat, ENISA EUVD, CVE listing), indicates a network-accessible int...
Missing Authentication for Critical Function
Overview fuxa-server is a Web-based Process Visualization SCADA/HMI/Dashboard software Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to the secureEnabled flag being commented out in the default configuration. An attacker can gain unauthorized...
Missing Authentication for Critical Function
Overview fuxa-server is a Web-based Process Visualization SCADA/HMI/Dashboard software Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the /api/upload endpoint, which lacks authentication controls. An attacker can gain administrative access or...
Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp
No d...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to the improper versification of user identify in comment posting feature. An attacker can exploit this vulnerability by impersonating a registered user, potentially leading to unauthoriz...
CVE-2026-24728
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
CVE-2026-1453
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product...
CVE-2026-24728
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
EUVD-2026-5016
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
CVE-2026-24728 Interinfo DreamMaker - Missing Authentication for Critical Function
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
CVE-2026-24728
The vulnerability CVE-2026-24728 affects Interinfo DreamMaker, specifically the /servlet/baServer3 endpoint. A missing authentication for a critical function allows remote attackers to access exposed administrative functionality without prior authentication in DreamMaker versions before 2025/10/2...
CVE-2026-24728 Interinfo DreamMaker - Missing Authentication for Critical Function
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
PT-2026-5377
A missing authentication for critical function vulnerability in the /servlet/baServer3 endpoint of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to access exposed administrative functionality without prior authentication...
Interinfo DreamMaker security vulnerabilities
Interinfo DreamMaker is an application developed by Interinfo Corporation. Versions of Interinfo DreamMaker prior to October 22, 2025, contained security vulnerabilities. These vulnerabilities stemmed from the lack of authentication for the /servlet/baServer3 endpoint, which could allow...
CVE-2026-1453
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product...
CVE-2026-1453 Missing Authentication for Critical Function in KiloView Encoder Series
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product...
CVE-2026-1453 Missing Authentication for Critical Function in KiloView Encoder Series
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product...