2966 matches found
CVE-2024-2076 CodeAstro House Rental Management System tenant.php missing authentication
A vulnerability was found in CodeAstro House Rental Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file booking.php/owner.php/tenant.php. The manipulation leads to missing authentication. The attack may be launched remotely. Th...
House Rental Management System Security Vulnerability
House Rental Management System is a house rental management system by Carlo Montero Personal Developer. A security vulnerability exists in House Rental Management System version 1.0, which stems from an unknown function in booking.php/owner.php/tenant.php that results in missing authentication...
CVE-2022-48621
Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2022-48621
Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful exploitation of this vulnerability may affect service confidentiality...
The vulnerabilities of microprogramming software in FeverWarn ESP32, FeverWarn RaspberryPi, and the FeverWarn DataHub RaspberryPi systems allow a intruder to gain unauthorized access to protected information, execute arbitrary code, and gain full control over the device.
The vulnerability of the microprogramming software in FeverWarn ESP32, FeverWarn RaspberryPi, and the FeverWarn DataHub RaspberryPi systems is related to the absence of authentication procedures for critical functions. Exploiting this vulnerability could allow an attacker to gain unauthorized...
CVE-2023-49115 MachineSense FeverWarn Missing Authentication for Critical Function
MachineSense devices use unauthenticated MQTT messaging to monitor devices and remote viewing of sensor data by users...
CVE-2023-49617 MachineSense FeverWarn Missing Authentication for Critical Function
The MachineSense application programmable interface API is improperly protected and can be accessed without authentication. A remote attacker could retrieve and modify sensitive information without any authentication...
CVE-2024-22449
Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerability. A low privileged local malicious user could potentially exploit this vulnerability to gain elevated access...
CVE-2024-22449
Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerability. A low privileged local malicious user could potentially exploit this vulnerability to gain elevated access...
CVE-2024-22449
Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerability. A low privileged local malicious user could potentially exploit this vulnerability to gain elevated access...
Authentication Bypass
Lobe Chat is vulnerable to Authentication Bypass. The vulnerability is caused due to missing authentication checks within route.ts when the application is password-protected deployed with the ACCESSCODE option. This allows an attacker to access plugins without proper authorization...
Omron CS/CJ Series Missing Authentication For Critical Function (CVE-2022-45794)
Omron CS/CJ series programmable logic controllers are missing authentication for the file system. This could allow an attacker to access the file system via memory card or EM file memory and obtain all available sensitive information. This plugin only works with Tenable.ot. Please visit...
CVE-2023-6942
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1GOT1000 versions 1.325P and prior, GT Designer3 Version1GOT2000 versions 1.320J and prior, GX Works2 versions 1.11M to 1.626C, GX Works3 versions 1.106...
Mitsubishi Electric FA Engineering Software Products (Update D)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : EZSocket, FR Configurator2, GT Designer3 Version1GOT1000, GT Designer3 Version1GOT2000, GX Works2, GX Works3, MELSOFT Navigator, MT Works2, MX Component, MX...
CVE-2024-21619
CVE-2024-21619 describes a vulnerability in Juniper Networks Junos OS on SRX and EX series where an unauthenticated attacker can access sensitive configuration information via the J-Web interface. The root cause is a Missing Authentication for a Critical Function combined with a Generation of Err...
MachineSense FeverWarn
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : MachineSense LLC. Equipment : MachineSense FeverWarn Vulnerabilities: Missing Authentication for Critical Function, Use of Hard-coded Credentials, Improper Access Control, OS Command...
PT-2024-1427 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on SRX Series and EX Series versions earlier than 20.4R3-S9 Juniper Networks Junos OS on SRX Series and EX Series 21.2 versions earlier than 21.2R3-S7 Juniper Networks Junos OS on SRX Series and EX Series 21.3 versio...
Voltronic Power ViewPower Pro
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Voltronic Power Equipment: ViewPower Pro Vulnerabilities: Deserialization of Untrusted Data, Missing Authentication for Critical Function, Exposed Dangerous Method or Function, OS Command...
CVE-2023-5253
A missing authentication check in the WebSocket channel used for the Check Point IoT integration in Nozomi Networks Guardian and CMC, may allow an unauthenticated attacker to obtain assets data without authentication. Malicious unauthenticated users with knowledge on the underlying system may be...
CVE-2023-31033 CVE
NVIDIA DGX A100 BMC contains a vulnerability where a user may cause a missing authentication issue for a critical function by an adjacent network . A successful exploit of this vulnerability may lead to escalation of privileges, code execution, denial of service, information disclosure, and data...