CVE-2023-38422 Walchem Intuition Missing Authentication for Critical Function

Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. This could allow an attacker to download and export sensitive data...

CVE-2023-36847

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to installAppPackage.php that doesn't require authentication an...

CVE-2023-36846

CVE-2023-36846 (Juniper Junos OS SRX Series) is a Missing Authentication for Critical Function vulnerability. An unauthenticated, network-based attacker can trigger J-Web to upload arbitrary files, leading to a loss of file-system integrity for a portion of the device. Affected Junos OS/SRX Serie...

Juniper Networks Junos OS SRX 访问控制错误漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. An access control error vulnerability exists in Juniper Networks Junos OS SRX, which arises from missing...

CVE-2023-36926

Due to missing authentication check in SAP Host Agent - version 7.22, an unauthenticated attacker can set an undocumented parameter to a particular compatibility value and in turn call read functions. This allows the attacker to gather some non-sensitive information about the server. There is no...

CVE-2023-36926

Due to missing authentication check in SAP Host Agent - version 7.22, an unauthenticated attacker can set an undocumented parameter to a particular compatibility value and in turn call read functions. This allows the attacker to gather some non-sensitive information about the server. There is no...

Improper Authentication

gitlab is vulnerable to Improper Authentication. The vulnerability exists due to missing authentication which allows an attacker with access to a victim's session to disable two-factor authentication...

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

Refresh This container emulates the vulnerable functionality o...

Walchem Intuition 9

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Walchem Equipment: Intuition 9 Vulnerabilities: Missing Authentication for Critical Function, Improper Authentication 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

CVE-2023-36669

Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...

CVE-2023-36669

Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...

CVE-2023-36669

Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...

CVE-2023-36669

Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...

AtTestimonials CMS 1.2 Missing Authentication

==================================================================================================================================== | Title : AtTestimonials CMS v1.2 Missing Authentication Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

CVE-2023-35873 Missing Authentication check in SAP NetWeaver Process Integration (Runtime Workbench)

The Runtime Workbench RWB of SAP NetWeaver Process Integration - version SAPXITOOL 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The...

SAP NetWeaver Process Integration 访问控制错误漏洞

SAP NetWeaver Process Integration PI is an SAP enterprise application integration software from SAP, Germany, and is a component of the NetWeaver product group. The component is mainly used for the exchange of information between the internal system and the external. An access control error...

CVE-2023-30643

Missing authentication vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to delete arbitrary non-preloaded applications...

CVE-2023-30643

Missing authentication vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to delete arbitrary non-preloaded applications...

CVE-2023-30643

CVE-2023-30643 concerns Samsung Galaxy Themes Service. A missing authentication vulnerability allows local attackers to delete arbitrary non-preloaded applications. Affected product: Galaxy Themes Service in Samsung mobile devices (prior to SMR Jul-2023 Release 1). Root cause: missing authenticat...

SAMSUNG Mobile devices 访问控制错误漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Jul-2023 Release 1 version, which stems from a missing authentication vulnerability in t...