2964 matches found
CVE-2025-12108
The CVE-2025-12108 instance affects the Survision LPR Camera system, where authentication is not enforced by default, allowing access to the configuration wizard without login credentials. Affected component: the device’s access/configuration flow (license plate recognition camera system). Impact...
CVE-2025-12108 Missing Authentication for Critical Function Survision License Plate Recognition Camera
The Survision LPR Camera system does not enforce password protection by default. This allows access to the configuration wizard immediately without a login prompt or credentials check...
CVE-2025-12108 Missing Authentication for Critical Function Survision License Plate Recognition Camera
The Survision LPR Camera system does not enforce password protection by default. This allows access to the configuration wizard immediately without a login prompt or credentials check...
Missing Authentication
Overview Affected versions of this package are vulnerable to Missing Authentication in the xDS interface. An attacker can access sensitive configuration data, including certificate information, backend service details, routing rules, and cluster metadata, by connecting to the exposed port without...
Missing Authentication
Overview Affected versions of this package are vulnerable to Missing Authentication in the xDS interface. An attacker can access sensitive configuration data, including certificate information, backend service details, routing rules, and cluster metadata, by connecting to the exposed port without...
Missing Authentication
Overview Affected versions of this package are vulnerable to Missing Authentication in the xDS interface. An attacker can access sensitive configuration data, including certificate information, backend service details, routing rules, and cluster metadata, by connecting to the exposed port without...
CVE-2025-61956
Radiometrics VizAir is affected by a lack of authentication for critical functions (admin panel and REST API). This could allow an unauthenticated attacker to modify configurations and weather data, potentially manipulating active runway settings, misleading air traffic control and pilots, and ca...
CVE-2025-61956 Missing Authentication for Critical Function in Radiometrics VizAir
Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions, such as admin access and API requests. Attackers can modify configurations without authentication, potentially manipulating active runway settings and misleading air traffic control ATC and pilots...
CVE-2025-61945
Radiometrics VizAir is affected by a missing authentication for critical functions vulnerability: an unauthenticated remote attacker can access the admin panel and modify key weather parameters (wind shear alerts, inversion depth, CAPE) and potentially disable alerts or alter runway settings. Mul...
CVE-2025-47357
CVE-2025-47357 describes an information-disclosure vulnerability in Qualcomm chipsets where a user-level driver can perform QFPROM read or write operations on fuse regions. The root cause is consistently described as an access-control/authorization issue that allows local (user-level) operations ...
CVE-2025-47357 Missing Authentication for Critical Function in SMSS
Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions...
Exploit for Missing Authentication for Critical Function in Oracle Marketing
✨ CVE-2025-62481 — Oracle Marketing Administration EBS Cri...
Exploit for Missing Authentication for Critical Function in Oracle Marketing
🧠 CVE-2025-53072 – Oracle Marketing Critical Remote Exploit...
Missing Authentication for Critical Function
Overview talkpipe is a Python internal and external DSL for writing generative AI analytics Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to the CORS middleware, which allowed requests from any origin , without needing to provide any form of...
Dell Storage Manager Critical Function Missing Authentication Vulnerability
Dell Storage Manager is a centralized management tool for Dell storage products, used for daily management and monitoring of storage devices such as SC Series, PS Series, and others. Dell Storage Manager suffers from a Critical Function Missing Authentication vulnerability, no details of the...
Missing Authentication for Critical Function
Overview com.liferay.portal:com.liferay.portal.impl is a package part of Liferay. Affected versions of this package are vulnerable to Missing Authentication for Critical Function that allows users to access to and modify content by interacting with certain APIs before email verification is...
Exploit for Missing Authentication for Critical Function in Oracle Marketing
⚠️ CVE‑2025‑53072 & CVE‑2025‑62481 Critical Vulnerabilities...
CVE-2025-43994
Dell Storage Center - Dell Storage Manager, versions DSM 20.1.21, contains a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the /api/v1/secret, and /api/v1/service endpoints. An attacker can retrieve sensitive cluster information by sending unauthenticated requests directly to exposed API paths. Workaround Thi...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the /api/v1/secret, and /api/v1/service endpoints. An attacker can retrieve sensitive cluster information by sending unauthenticated requests directly to exposed API paths. Workaround Thi...