Lucene search
K

2966 matches found

NVD
NVD
added 2025/10/20 5:15 p.m.5 views

CVE-2025-9574

Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP.This issue affects . All firmware versions with the Serial Number from 2000 to 5166...

10CVSS0.00754EPSS
Exploits0References1
CVE
CVE
added 2025/10/20 4:56 p.m.15 views

CVE-2025-9574

CVE-2025-9574 concerns ABB ALS-mini-s4 IP and ALS-mini-s8 IP devices with a missing authentication for critical functions. Concrete details found in connected documents: the vulnerability affects ABB ALS-mini-s4 and ALS-mini-s8 controllers, with Serial Numbers 2000–5166; impact is described as th...

10CVSS6.5AI score0.00754EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/20 4:56 p.m.18 views

CVE-2025-9574 Missing Authentication Vulnerability

Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP.This issue affects . All firmware versions with the Serial Number from 2000 to 5166...

10CVSS6.5AI score0.00754EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/20 4:56 p.m.7 views

CVE-2025-9574 Missing Authentication Vulnerability

Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP.This issue affects . All firmware versions with the Serial Number from 2000 to 5166...

10CVSS0.00754EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/19 6:30 p.m.5 views

EUVD-2025-35006

A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early abo...

7.5CVSS6AI score0.01123EPSS
Exploits1References5
CVE
CVE
added 2025/10/19 4:2 p.m.17 views

CVE-2025-11942

CVE-2025-11942 affects 70mai X200 (up to 20251010). The vulnerability involves an unknown function in the Pairing component where manipulation can bypass authentication, enabling remote exploitation. Public exploit details exist and have been published; the vendor was contacted but did not respon...

9.8CVSS7.1AI score0.01123EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/10/19 4:2 p.m.11 views

CVE-2025-11942 70mai X200 Pairing missing authentication

A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early abo...

7.5CVSS0.01123EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/10/17 7:46 p.m.5 views

CVE-2025-11852

A vulnerability was found in Apeman ID71 218.53.203.117. The impacted element is an unknown function of the file /onvif/deviceservice of the component ONVIF Service. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been...

6.9CVSS6.3AI score0.00567EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/16 9:31 p.m.7 views

EUVD-2025-34825

A vulnerability was found in Apeman ID71 218.53.203.117. The impacted element is an unknown function of the file /onvif/deviceservice of the component ONVIF Service. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been...

6.9CVSS5.2AI score0.00567EPSS
Exploits0References5
Snyk
Snyk
added 2025/10/16 7:56 p.m.8 views

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the Express Checkout feature. An attacker can bypass the login procedure via email. Note: Versions 9.4.3.1 through 9.4.3.3, which used the build numbering scheme prior to 2025, are also...

9.3CVSS7AI score0.00476EPSS
Exploits1References2
NVD
NVD
added 2025/10/16 7:15 p.m.2 views

CVE-2025-11852

A vulnerability was found in Apeman ID71 218.53.203.117. The impacted element is an unknown function of the file /onvif/deviceservice of the component ONVIF Service. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been...

6.9CVSS0.00567EPSS
Exploits0References4
CVE
CVE
added 2025/10/16 7:2 p.m.13 views

CVE-2025-11852

CVE-2025-11852 affects Apeman ID71 with the ONVIF Service, specifically the /onvif/device_service component. The vulnerability is described as a missing authentication in an element of this service, enabling remote access. The exploit is publicly available and the vendor did not respond to disclo...

6.9CVSS5.3AI score0.00567EPSS
Exploits0References4
OSV
OSV
added 2025/10/16 1:15 p.m.7 views

CVE-2025-9152

An improper privilege management vulnerability exists in WSO2 API Manager due to missing authentication and authorization checks in the keymanager-operations Dynamic Client Registration DCR endpoint. A malicious user can exploit this flaw to generate access tokens with elevated privileges,...

9.8CVSS7.1AI score
Exploits0References1
CVE
CVE
added 2025/10/16 12:37 p.m.21 views

CVE-2025-9152

CVE-2025-9152 affects WSO2 API Manager (and API Control Plane) via the keymanager-operations Dynamic Client Registration endpoint. The root cause is missing authentication and authorization checks, causing improper privilege management. An attacker could generate access tokens with elevated privi...

9.8CVSS6.7AI score0.00679EPSS
Exploits0References1Affected Software2
GithubExploit
GithubExploit
added 2025/10/15 3:6 p.m.153 views

Exploit for Missing Authentication for Critical Function in Oracle Weblogic_Server

PoC exploit for CVE-2017-10271, a remote code execution vulnerab...

7.5CVSS8.5AI score0.99993EPSS
Exploits45
EUVD
EUVD
added 2025/10/14 3:31 p.m.3 views

EUVD-2025-34188

Multiple Broken Authentication security issues exist in the affected product. The security issues are due to missing authentication checks on critical functions. These could result in potential denial-of-service, admin account takeover, or NAT rule modifications. Devices would no longer be able t...

9.9CVSS6.5AI score0.00526EPSS
Exploits0References2
Ivanti
Ivanti
added 2025/10/14 1:57 p.m.8 views

October 2025 Security Advisory Ivanti Neurons for MDM

Summary Ivanti has released updates for Ivanti Neurons for MDM which addresses one medium and two high severity vulnerabilities. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability Details Description | CVSS Score Severity | CVSS...

7AI score
Exploits0
OSV
OSV
added 2025/10/14 1:15 p.m.5 views

CVE-2025-7328

Multiple Broken Authentication security issues exist in the affected product. The security issues are due to missing authentication checks on critical functions. These could result in potential denial-of-service, admin account takeover, or NAT rule modifications. Devices would no longer be able t...

9.8CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2025/10/14 1:15 p.m.7 views

CVE-2025-7328

Multiple Broken Authentication security issues exist in the affected product. The security issues are due to missing authentication checks on critical functions. These could result in potential denial-of-service, admin account takeover, or NAT rule modifications. Devices would no longer be able t...

9.9CVSS0.00526EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/14 7:42 a.m.9 views

CVE-2025-11671

Uniweb/SoliPACS WebServer developed by EBM Technologies has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access a specific page to obtain information such as account names and IP addresses...

6.9CVSS6.8AI score0.00347EPSS
Exploits0References1
Rows per page
Query Builder