2931 matches found
CVE-2025-11949 Digiwin|EasyFlow .NET and EasyFlow AiNet - Missing Authentication
EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain database administrator credentials via a specific functionality...
CVE-2025-11949
EasyFlow .NET and EasyFlow AiNet (Digiwin) are affected by a Missing Authentication vulnerability. Unauthenticated remote attackers may obtain database administrator credentials via a specific functionality. CVSS data in the initial entry indicates a high-severity risk (3.1: 7.5, 4.0: 8.7). Affec...
EUVD-2025-35153
EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain database administrator credentials via a specific functionality...
CVE-2025-11949 Digiwin|EasyFlow .NET and EasyFlow AiNet - Missing Authentication
EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain database administrator credentials via a specific functionality...
EUVD-2025-35083
Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP.This issue affects . All firmware versions with the Serial Number from 2000 to 5166...
CVE-2025-9574
Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP.This issue affects . All firmware versions with the Serial Number from 2000 to 5166...
CVE-2025-9574 Missing Authentication Vulnerability
Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP.This issue affects . All firmware versions with the Serial Number from 2000 to 5166...
CVE-2025-9574
CVE-2025-9574 concerns ABB ALS-mini-s4 IP and ALS-mini-s8 IP devices with a missing authentication for critical functions. Concrete details found in connected documents: the vulnerability affects ABB ALS-mini-s4 and ALS-mini-s8 controllers, with Serial Numbers 2000–5166; impact is described as th...
CVE-2025-9574 Missing Authentication Vulnerability
Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP.This issue affects . All firmware versions with the Serial Number from 2000 to 5166...
EUVD-2025-35006
A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early abo...
CVE-2025-11942 70mai X200 Pairing missing authentication
A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early abo...
CVE-2025-11942
CVE-2025-11942 affects 70mai X200 (up to 20251010). The vulnerability involves an unknown function in the Pairing component where manipulation can bypass authentication, enabling remote exploitation. Public exploit details exist and have been published; the vendor was contacted but did not respon...
CVE-2025-11852
A vulnerability was found in Apeman ID71 218.53.203.117. The impacted element is an unknown function of the file /onvif/deviceservice of the component ONVIF Service. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been...
EUVD-2025-34825
A vulnerability was found in Apeman ID71 218.53.203.117. The impacted element is an unknown function of the file /onvif/deviceservice of the component ONVIF Service. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the Express Checkout feature. An attacker can bypass the login procedure via email. Note: Versions 9.4.3.1 through 9.4.3.3, which used the build numbering scheme prior to 2025, are also...
CVE-2025-11852
A vulnerability was found in Apeman ID71 218.53.203.117. The impacted element is an unknown function of the file /onvif/deviceservice of the component ONVIF Service. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been...
CVE-2025-11852
CVE-2025-11852 affects Apeman ID71 with the ONVIF Service, specifically the /onvif/device_service component. The vulnerability is described as a missing authentication in an element of this service, enabling remote access. The exploit is publicly available and the vendor did not respond to disclo...
CVE-2025-9152
An improper privilege management vulnerability exists in WSO2 API Manager due to missing authentication and authorization checks in the keymanager-operations Dynamic Client Registration DCR endpoint. A malicious user can exploit this flaw to generate access tokens with elevated privileges,...
CVE-2025-9152
CVE-2025-9152 affects WSO2 API Manager (and API Control Plane) via the keymanager-operations Dynamic Client Registration endpoint. The root cause is missing authentication and authorization checks, causing improper privilege management. An attacker could generate access tokens with elevated privi...
Exploit for Missing Authentication for Critical Function in Oracle Weblogic_Server
PoC exploit for CVE-2017-10271, a remote code execution vulnerab...