Lucene search
K

2964 matches found

CVE
CVE
added 2025/11/04 6:43 p.m.17 views

CVE-2025-12108

The CVE-2025-12108 instance affects the Survision LPR Camera system, where authentication is not enforced by default, allowing access to the configuration wizard without login credentials. Affected component: the device’s access/configuration flow (license plate recognition camera system). Impact...

9.3CVSS6.6AI score0.00442EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/04 6:43 p.m.10 views

CVE-2025-12108 Missing Authentication for Critical Function Survision License Plate Recognition Camera

The Survision LPR Camera system does not enforce password protection by default. This allows access to the configuration wizard immediately without a login prompt or credentials check...

9.3CVSS0.00442EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/04 6:43 p.m.5 views

CVE-2025-12108 Missing Authentication for Critical Function Survision License Plate Recognition Camera

The Survision LPR Camera system does not enforce password protection by default. This allows access to the configuration wizard immediately without a login prompt or credentials check...

9.3CVSS6.6AI score0.00442EPSS
Exploits0References1
Snyk
Snyk
added 2025/11/04 6:39 p.m.2 views

Missing Authentication

Overview Affected versions of this package are vulnerable to Missing Authentication in the xDS interface. An attacker can access sensitive configuration data, including certificate information, backend service details, routing rules, and cluster metadata, by connecting to the exposed port without...

6CVSS6.5AI score0.00165EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/04 6:39 p.m.1 views

Missing Authentication

Overview Affected versions of this package are vulnerable to Missing Authentication in the xDS interface. An attacker can access sensitive configuration data, including certificate information, backend service details, routing rules, and cluster metadata, by connecting to the exposed port without...

6CVSS6.5AI score0.00165EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/04 6:39 p.m.1 views

Missing Authentication

Overview Affected versions of this package are vulnerable to Missing Authentication in the xDS interface. An attacker can access sensitive configuration data, including certificate information, backend service details, routing rules, and cluster metadata, by connecting to the exposed port without...

6CVSS6.5AI score0.00165EPSS
Exploits0References2
CVE
CVE
added 2025/11/04 4:15 p.m.29 views

CVE-2025-61956

Radiometrics VizAir is affected by a lack of authentication for critical functions (admin panel and REST API). This could allow an unauthenticated attacker to modify configurations and weather data, potentially manipulating active runway settings, misleading air traffic control and pilots, and ca...

10CVSS6.7AI score0.00718EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/11/04 4:15 p.m.13 views

CVE-2025-61956 Missing Authentication for Critical Function in Radiometrics VizAir

Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions, such as admin access and API requests. Attackers can modify configurations without authentication, potentially manipulating active runway settings and misleading air traffic control ATC and pilots...

10CVSS0.00718EPSS
Exploits0References2
CVE
CVE
added 2025/11/04 4:10 p.m.21 views

CVE-2025-61945

Radiometrics VizAir is affected by a missing authentication for critical functions vulnerability: an unauthenticated remote attacker can access the admin panel and modify key weather parameters (wind shear alerts, inversion depth, CAPE) and potentially disable alerts or alter runway settings. Mul...

10CVSS6.6AI score0.0076EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/11/04 3:19 a.m.14 views

CVE-2025-47357

CVE-2025-47357 describes an information-disclosure vulnerability in Qualcomm chipsets where a user-level driver can perform QFPROM read or write operations on fuse regions. The root cause is consistently described as an access-control/authorization issue that allows local (user-level) operations ...

8CVSS6.1AI score0.00067EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/04 3:19 a.m.3 views

CVE-2025-47357 Missing Authentication for Critical Function in SMSS

Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions...

8CVSS6.1AI score0.00067EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/11/03 12:45 p.m.151 views

Exploit for Missing Authentication for Critical Function in Oracle Marketing

✨ CVE-2025-62481 — Oracle Marketing Administration EBS Cri...

9.8CVSS7.3AI score0.00605EPSS
Exploits3
GithubExploit
GithubExploit
added 2025/11/03 12:38 p.m.158 views

Exploit for Missing Authentication for Critical Function in Oracle Marketing

🧠 CVE-2025-53072 – Oracle Marketing Critical Remote Exploit...

9.8CVSS7.7AI score0.00652EPSS
Exploits3
Snyk
Snyk
added 2025/11/01 6:46 a.m.3 views

Missing Authentication for Critical Function

Overview talkpipe is a Python internal and external DSL for writing generative AI analytics Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to the CORS middleware, which allowed requests from any origin , without needing to provide any form of...

8.7CVSS6.9AI score
Exploits0References3
CNVD
CNVD
added 2025/10/31 12:0 a.m.3 views

Dell Storage Manager Critical Function Missing Authentication Vulnerability

Dell Storage Manager is a centralized management tool for Dell storage products, used for daily management and monitoring of storage devices such as SC Series, PS Series, and others. Dell Storage Manager suffers from a Critical Function Missing Authentication vulnerability, no details of the...

8.6CVSS6.9AI score0.00564EPSS
Exploits0References1
Snyk
Snyk
added 2025/10/28 12:31 a.m.2 views

Missing Authentication for Critical Function

Overview com.liferay.portal:com.liferay.portal.impl is a package part of Liferay. Affected versions of this package are vulnerable to Missing Authentication for Critical Function that allows users to access to and modify content by interacting with certain APIs before email verification is...

6.9CVSS6.8AI score0.00206EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2025/10/27 4:13 p.m.267 views

Exploit for Missing Authentication for Critical Function in Oracle Marketing

⚠️ CVE‑2025‑53072 & CVE‑2025‑62481 Critical Vulnerabilities...

9.8CVSS9.3AI score0.00652EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2025/10/25 2:15 p.m.8 views

CVE-2025-43994

Dell Storage Center - Dell Storage Manager, versions DSM 20.1.21, contains a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

8.6CVSS6.9AI score0.00564EPSS
Exploits0References1
Snyk
Snyk
added 2025/10/24 3:27 p.m.2 views

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the /api/v1/secret, and /api/v1/service endpoints. An attacker can retrieve sensitive cluster information by sending unauthenticated requests directly to exposed API paths. Workaround Thi...

8.7CVSS6.8AI score0.00607EPSS
Exploits0References3
Snyk
Snyk
added 2025/10/24 3:27 p.m.1 views

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the /api/v1/secret, and /api/v1/service endpoints. An attacker can retrieve sensitive cluster information by sending unauthenticated requests directly to exposed API paths. Workaround Thi...

8.7CVSS6.8AI score0.00607EPSS
Exploits0References3
Rows per page
Query Builder