CVE-2025-42885 Missing authentication in SAP HANA 2.0 (hdbrss)

Due to missing authentication, SAP HANA 2.0 hdbrss allows an unauthenticated attacker to call a remote-enabled function that will enable them to view information. As a result, it has a low impact on the confidentiality but no impact on the integrity and availability of the system...

CVE-2025-42885

CVE-2025-42885 concerns SAP HANA 2.0 (hdbrss), where missing authentication lets an unauthenticated attacker call a remote-enabled function to view information. This is a network-based issue with low confidentiality impact and no impact on integrity or availability, and has a CVSS3.1 base score o...

PT-2025-46226

Name of the Vulnerable Software and Affected Versions SAP HANA version 2.0 Description SAP HANA 2.0 hdbrss is affected by a missing authentication mechanism. This allows an unauthenticated attacker to call a remote-enabled function and view information. The issue has a low impact on...

SourceCodester Client Database Management System 安全漏洞

SourceCodester Client Database Management System is an open source client database management system from SourceCodester. A security vulnerability exists in the SourceCodester Client Database Management System version 1.0, which stems from a lack of authentication and authorization checks and...

Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

CVE-2025-3243...

Lexmark Printers Missing Authentication for Critical Function (CVE-2019-9934)

Various Lexmark products have an Incorrect Access Control vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503870; scriptversion"1.2...

Lexmark Printers Missing Authentication for Critical Function (CVE-2019-9935)

Various Lexmark products have an Incorrect Access Control vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503853; scriptversion"1.2...

CVE-2025-12108

The CVE-2025-12108 instance affects the Survision LPR Camera system, where authentication is not enforced by default, allowing access to the configuration wizard without login credentials. Affected component: the device’s access/configuration flow (license plate recognition camera system). Impact...

CVE-2025-12108 Missing Authentication for Critical Function Survision License Plate Recognition Camera

The Survision LPR Camera system does not enforce password protection by default. This allows access to the configuration wizard immediately without a login prompt or credentials check...

CVE-2025-12108 Missing Authentication for Critical Function Survision License Plate Recognition Camera

The Survision LPR Camera system does not enforce password protection by default. This allows access to the configuration wizard immediately without a login prompt or credentials check...

Missing Authentication

Overview Affected versions of this package are vulnerable to Missing Authentication in the xDS interface. An attacker can access sensitive configuration data, including certificate information, backend service details, routing rules, and cluster metadata, by connecting to the exposed port without...

Missing Authentication

Overview Affected versions of this package are vulnerable to Missing Authentication in the xDS interface. An attacker can access sensitive configuration data, including certificate information, backend service details, routing rules, and cluster metadata, by connecting to the exposed port without...

Missing Authentication

Overview Affected versions of this package are vulnerable to Missing Authentication in the xDS interface. An attacker can access sensitive configuration data, including certificate information, backend service details, routing rules, and cluster metadata, by connecting to the exposed port without...

CVE-2025-61956

Radiometrics VizAir is affected by a lack of authentication for critical functions (admin panel and REST API). This could allow an unauthenticated attacker to modify configurations and weather data, potentially manipulating active runway settings, misleading air traffic control and pilots, and ca...

CVE-2025-61956 Missing Authentication for Critical Function in Radiometrics VizAir

Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions, such as admin access and API requests. Attackers can modify configurations without authentication, potentially manipulating active runway settings and misleading air traffic control ATC and pilots...

CVE-2025-61945

Radiometrics VizAir is affected by a missing authentication for critical functions vulnerability: an unauthenticated remote attacker can access the admin panel and modify key weather parameters (wind shear alerts, inversion depth, CAPE) and potentially disable alerts or alter runway settings. Mul...

CVE-2025-47357

CVE-2025-47357 describes an information-disclosure vulnerability in Qualcomm chipsets where a user-level driver can perform QFPROM read or write operations on fuse regions. The root cause is consistently described as an access-control/authorization issue that allows local (user-level) operations ...

CVE-2025-47357 Missing Authentication for Critical Function in SMSS

Information Disclosure when a user-level driver performs QFPROM read or write operations on Fuse regions...

Exploit for Missing Authentication for Critical Function in Oracle Marketing

✨ CVE-2025-62481 — Oracle Marketing Administration EBS Cri...

Exploit for Missing Authentication for Critical Function in Oracle Marketing

🧠 CVE-2025-53072 – Oracle Marketing Critical Remote Exploit...