Lucene search

2963 matches found

NVD
added 2021/11/23 10:15 p.m. · 9 views

CVE-2021-42783

Missing Authentication for Critical Function vulnerability in debug_post_set.cgi of D-Link DWR-932C E1 firmware allows an unauthenticated attacker to execute administrative actions...

10 CVSS · 0.03792 EPSS
Exploits 0 · References 1
OSV
added 2021/11/23 10:15 p.m. · 2 views

CVE-2021-42783

Missing Authentication for Critical Function vulnerability in debug_post_set.cgi of D-Link DWR-932C E1 firmware allows an unauthenticated attacker to execute administrative actions...

9.8 CVSS · 5.9 AI score · 0.03792 EPSS
Exploits 0 · References 1
Cvelist
added 2021/11/23 9:37 p.m. · 16 views

CVE-2021-42783 Missing Authentication in debug_post_set.cgi in D-Link DWR-932C E1 Firmware 1.0.0.4

Missing Authentication for Critical Function vulnerability in debug_post_set.cgi of D-Link DWR-932C E1 firmware allows an unauthenticated attacker to execute administrative actions...

9.8 AI score · 0.03792 EPSS
Exploits 0 · References 1
CVE
added 2021/11/23 9:37 p.m. · 49 views

CVE-2021-42783

The CVE-2021-42783 issue affects the D-Link DWR-932C E1 firmware, where a Missing Authentication for Critical Function in debug_post_set.cgi enables an unauthenticated attacker to perform administrative actions. The vulnerability is documented with a high-severity CVSS score (3.1: 9.8; 2.0: 10.0)...

10 CVSS · 9.8 AI score · 0.03792 EPSS
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2021/11/19 9:20 a.m. · 19 views

CVE-2021-39231 Missing authentication/authorization on internal RPC endpoints

In Apache Ozone versions prior to 1.2.0, Various internal server-to-server RPC endpoints are available for connections, making it possible for an attacker to download raw data from Datanode and Ozone manager and modify Ratis replication configuration...

9.4 AI score · 0.02296 EPSS
Exploits 0 · References 2
CISA KEV Catalog
added 2021/11/03 12:0 a.m. · 28 views

SAP NetWeaver Missing Authentication for Critical Function Vulnerability

SAP NetWeaver Application Server Java Platforms contains a missing authentication for critical function vulnerability allowing unauthenticated access to execute configuration tasks and create administrative users...

10 CVSS · 9.4 AI score · 0.94719 EPSS
In wild · Exploits 6
CISA KEV Catalog
added 2021/11/03 12:0 a.m. · 26 views

SAP Solution Manager Missing Authentication for Critical Function Vulnerability

SAP Solution Manager User Experience Monitoring contains a missing authentication for critical function vulnerability which results in complete compromise of all SMDAgents connected to the Solution Manager...

10 CVSS · 9 AI score · 0.98376 EPSS
In wild · Exploits 7
0day.today
added 2021/10/26 12:0 a.m. · 582 views

FreeSWITCH 1.10.5 SIP SUBSCRIBE Missing Authentication Exploit

FreeSWITCH does not authenticate SIP SUBSCRIBE requests by default - Fixed versions: v1.10.7 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-08-freeswitch-SIP-SUBSCRIBE-without-auth - Vendor Security Advisory:...

5.3 CVSS · 0.3 AI score · 0.0169 EPSS
Exploits 4
ICS
added 2021/10/12 12:0 a.m. · 46 views

Siemens SIMATIC Process Historian

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Process Historian Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could enable the execution of...

8.1 CVSS · 8.6 AI score · 0.00776 EPSS
Exploits 0 · References 11
ICS
added 2021/10/07 12:0 a.m. · 97 views

Mobile Industrial Robots Vehicles and MiR Fleet Software

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Mobile Industrial Robots MiR Equipment: MiR100, MiR200, MiR250, MiR500, MiR1000, MiR Fleet Vulnerabilities: Improper Access Control, Integer Overflow or Wraparound, Exposur...

10 CVSS · 8.7 AI score · 0.02459 EPSS
Exploits 6 · References 5
CNNVD
added 2021/10/07 12:0 a.m. · 5 views

Sophos HitmanPro Security Vulnerability

Sophos HitmanPro is an excellent multi-engine cloud anti-virus scanner from Sophos UK. Sophos HitmanPro suffers from a security vulnerability that stems from a lack of authentication, access control, permission management and other security measures in the network system or product, which could be...

6 CVSS · 6.3 AI score · 0.00222 EPSS
Exploits 0 · References 2
OSV
added 2021/10/04 5:15 p.m. · 2 views

UBUNTU-CVE-2021-39879

Missing authentication in all versions of GitLab CE/EE since version 7.11.0 allows an attacker with access to a victim's session to disable two-factor authentication...

3.5 CVSS · 5.8 AI score · 0.00399 EPSS
Exploits 0 · References 4
UbuntuCve
added 2021/10/04 5:15 p.m. · 19 views

CVE-2021-39879

Missing authentication in all versions of GitLab CE/EE since version 7.11.0 allows an attacker with access to a victim's session to disable two-factor authentication...

4 CVSS · 5.9 AI score · 0.00399 EPSS
Exploits 0 · References 3
Positive Technologies
added 2021/10/04 12:0 a.m. · 3 views

PT-2021-22725 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 7.11.0 and later Description: The issue is related to missing authentication in GitLab CE/EE, which allows an attacker with access to a victim's session to disable two-factor authentication. Recommendations: For GitLab...

4 CVSS · 3.6 AI score · 0.00399 EPSS
Exploits 0 · References 10
CNNVD
added 2021/10/01 12:0 a.m. · 4 views

GitLab Enterprise Edition Security Feature Issue Vulnerability

GitLab Enterprise Edition is a content management system GitLab is a self-hosted Git version control system project repository application developed by GitLab, Inc. using Ruby on Rails. The program can be used to access the project's file content, commit history, bug list, etc.. A security...

3.5 CVSS · 5.1 AI score · 0.00847 EPSS
Exploits 0 · References 5
VulnCheck KEV
added 2021/09/23 12:0 a.m. · 2 views

VulnCheck KEV: CVE-2022-1388

F5 BIG-IP contains a missing authentication in critical function vulnerability which can allow for remote code execution, creation or deletion of files, or disabling services...

9.8 CVSS · 7.7 AI score · 0.99956 EPSS
Exploits 63 · References 1
CNNVD
added 2021/09/17 12:0 a.m. · 3 views

AcuityBrands nLight ECLYPSE Security Vulnerability

The AcuityBrands NLight Eclypse Necy is a system controller from AcuityBrands, Inc. It is used to connect nLight lighting networks to IP networks. A security vulnerability exists in the AcuityBrands nLight ECLYPSE that stems from a lack of security measures such as authentication, access control,...

8.6 CVSS · 7.9 AI score · 0.01089 EPSS
Exploits 0 · References 3
OSV
added 2021/09/14 11:15 a.m. · 1 views

CVE-2019-10941

A vulnerability has been identified in SINEMA Server All versions V14 SP3. Missing authentication for functionality that requires administrative user identity could allow an attacker to obtain encoded system configuration backup files. This is only possible through network access to the affected...

5.3 CVSS · 5.7 AI score
Exploits 0 · References 1
OSV
added 2021/09/14 10:21 a.m. · 7 views

OPENSUSE-SU-2021:1255-1 Security update for nextcloud

This update for nextcloud fixes the following issues: Update to 20.0.12 Fix boo1190291 - CVE-2021-32766 CWE-209: Generation of Error Message Containing Sensitive Information - CVE-2021-32800 CWE-306: Missing Authentication for Critical Function - CVE-2021-32801 CWE-532: Insertion of Sensitive...

10 CVSS · 9.7 AI score · 0.02521 EPSS
Exploits 0 · References 6
CNNVD
added 2021/09/14 12:0 a.m. · 3 views

IBM QRadar Cryptographic Issue Vulnerability

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A security...

7.5 CVSS · 6.5 AI score · 0.00665 EPSS
Exploits 0 · References 6