2966 matches found
CVE-2025-9574
Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP.This issue affects . All firmware versions with the Serial Number from 2000 to 5166...
CVE-2025-9574
CVE-2025-9574 concerns ABB ALS-mini-s4 IP and ALS-mini-s8 IP devices with a missing authentication for critical functions. Concrete details found in connected documents: the vulnerability affects ABB ALS-mini-s4 and ALS-mini-s8 controllers, with Serial Numbers 2000–5166; impact is described as th...
CVE-2025-9574 Missing Authentication Vulnerability
Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP.This issue affects . All firmware versions with the Serial Number from 2000 to 5166...
CVE-2025-9574 Missing Authentication Vulnerability
Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP.This issue affects . All firmware versions with the Serial Number from 2000 to 5166...
EUVD-2025-35006
A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early abo...
CVE-2025-11942
CVE-2025-11942 affects 70mai X200 (up to 20251010). The vulnerability involves an unknown function in the Pairing component where manipulation can bypass authentication, enabling remote exploitation. Public exploit details exist and have been published; the vendor was contacted but did not respon...
CVE-2025-11942 70mai X200 Pairing missing authentication
A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early abo...
CVE-2025-11852
A vulnerability was found in Apeman ID71 218.53.203.117. The impacted element is an unknown function of the file /onvif/deviceservice of the component ONVIF Service. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been...
EUVD-2025-34825
A vulnerability was found in Apeman ID71 218.53.203.117. The impacted element is an unknown function of the file /onvif/deviceservice of the component ONVIF Service. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the Express Checkout feature. An attacker can bypass the login procedure via email. Note: Versions 9.4.3.1 through 9.4.3.3, which used the build numbering scheme prior to 2025, are also...
CVE-2025-11852
A vulnerability was found in Apeman ID71 218.53.203.117. The impacted element is an unknown function of the file /onvif/deviceservice of the component ONVIF Service. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been...
CVE-2025-11852
CVE-2025-11852 affects Apeman ID71 with the ONVIF Service, specifically the /onvif/device_service component. The vulnerability is described as a missing authentication in an element of this service, enabling remote access. The exploit is publicly available and the vendor did not respond to disclo...
CVE-2025-9152
An improper privilege management vulnerability exists in WSO2 API Manager due to missing authentication and authorization checks in the keymanager-operations Dynamic Client Registration DCR endpoint. A malicious user can exploit this flaw to generate access tokens with elevated privileges,...
CVE-2025-9152
CVE-2025-9152 affects WSO2 API Manager (and API Control Plane) via the keymanager-operations Dynamic Client Registration endpoint. The root cause is missing authentication and authorization checks, causing improper privilege management. An attacker could generate access tokens with elevated privi...
Exploit for Missing Authentication for Critical Function in Oracle Weblogic_Server
PoC exploit for CVE-2017-10271, a remote code execution vulnerab...
EUVD-2025-34188
Multiple Broken Authentication security issues exist in the affected product. The security issues are due to missing authentication checks on critical functions. These could result in potential denial-of-service, admin account takeover, or NAT rule modifications. Devices would no longer be able t...
October 2025 Security Advisory Ivanti Neurons for MDM
Summary Ivanti has released updates for Ivanti Neurons for MDM which addresses one medium and two high severity vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability Details Description | CVSS Score Severity | CVSS...
CVE-2025-7328
Multiple Broken Authentication security issues exist in the affected product. The security issues are due to missing authentication checks on critical functions. These could result in potential denial-of-service, admin account takeover, or NAT rule modifications. Devices would no longer be able t...
CVE-2025-7328
Multiple Broken Authentication security issues exist in the affected product. The security issues are due to missing authentication checks on critical functions. These could result in potential denial-of-service, admin account takeover, or NAT rule modifications. Devices would no longer be able t...
CVE-2025-11671
Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access a specific page to obtain information such as account names and IP addresses...