2931 matches found

GithubExploit
added 2022/05/08 9:28 a.m. | 214 views

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

CVE-2022-1388 RCE checker Simple bash script to check CVE-202...

9.8 CVSS | 10 AI score | 0.99956 EPSS
Exploits 63

ATTACKERKB
added 2022/05/02 10:0 a.m. | 3 views

CVE-2022-1300

Multiple versions of TRUMPF TruTops products expose a service function without necessary authentication. Execution of this function may result in unauthorized access to change of data or disruption of the whole service...

9.8 CVSS | 7.7 AI score | 0.01366 EPSS
Exploits 0 | References 2 | Affected Software 2

ATTACKERKB
added 2022/04/28 9:15 a.m. | 1 views

CVE-2022-28719

Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote unauthenticated attacker with some knowledge on the system configuration to upload a crafted configuration file to the managing server, which may result in the managed clients executing arbitrary code...

9.8 CVSS | 7.6 AI score | 0.04076 EPSS
Exploits 0 | References 3 | Affected Software 1

Cvelist
added 2022/04/28 8:25 a.m. | 20 views

CVE-2022-28719

Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote unauthenticated attacker with some knowledge on the system configuration to upload a crafted configuration file to the managing server, which may result in the managed clients executing arbitrary code...

10 AI score | 0.04076 EPSS
Exploits 0 | References 2

BDU FSTEC
added 2022/04/19 12:0 a.m. | 2 views

The vulnerability of the Linux operating system’s kernel, which allows a hacker to increase their privileges

The vulnerability of the Linux operating system’s kernel is related to the absence of authentication procedures. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8 CVSS | 6.6 AI score | 0.00541 EPSS
Exploits 0 | References 34 | Affected Software 12

Tenable Nessus
added 2022/04/19 12:0 a.m. | 43 views

Siemens SICAM A8000 Missing Authentication For Critical Function (CVE-2022-27480)

A vulnerability has been identified in SICAM A8000 CP-8031 All versions V4.80, SICAM A8000 CP-8050 All versions V4.80. Affected devices do not require a user to be authenticated to access certain files. This could allow unauthenticated attackers to download these files. This plugin only works wi...

7.5 CVSS | 7.1 AI score | 0.02376 EPSS
Exploits 1 | References 5

Packet Storm
added 2022/04/15 12:0 a.m. | 714 views

Siemens A8000 CP-8050/CP-8031 SICAM WEB Missing File Download / Missing Authentication

SEC Consult Vulnerability Lab Security Advisory. Title: Missing Authentication at File Download & Denial of Service. Product: Siemens A8000 CP-8050/CP-8031 SICAM WEB. Vulnerable version: SICAM WEB Version 05.80 / Firmware Packag...

7.5 CVSS | 0.5 AI score | 0.02376 EPSS
Exploits 2

ICS
added 2022/04/12 12:0 a.m. | 35 views

Siemens SICAM A8000

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SICAM A8000 Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access files...

7.5 CVSS | 7.8 AI score | 0.02376 EPSS
Exploits 1 | References 11

Vulnrichment
added 2022/04/11 7:45 p.m. | 5 views

CVE-2022-24829 Missing authentication in Garden

Garden is an automation platform for Kubernetes development and testing. In versions prior to 0.12.39 multiple endpoints did not require authentication. In some operating modes this allows for an attacker to gain access to the application erroneously. The configuration is leaked through the /api...

8.1 CVSS | 9.4 AI score | 0.01089 EPSS
Exploits 0 | References 2

CNNVD
added 2022/04/11 12:0 a.m. | 2 views

Samsung DeX Home Security Vulnerability

Samsung DeX Home is a Samsung DeX application for PCs and Macs from Samsung South Korea. An information disclosure vulnerability exists in Samsung DeX Home, which stems from the lack of proper access authentication logic in Samsung DeX Home, and could be exploited to gain unauthorized access to...

4.3 CVSS | 5.5 AI score | 0.0025 EPSS
Exploits 0 | References 2

OSV
added 2022/04/07 2:15 a.m. | 3 views

CVE-2020-27376

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing Authentication...

8.8 CVSS | 5.8 AI score | 0.01045 EPSS
Exploits 1 | References 3

NVD
added 2022/04/07 2:15 a.m. | 13 views

CVE-2020-27376

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing Authentication...

8.8 CVSS | 0.01045 EPSS
Exploits 1 | References 3

Prion
added 2022/04/07 2:15 a.m. | 18 views

Authentication flaw

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing Authentication...

8.3 CVSS | 8.6 AI score | 0.01045 EPSS
Exploits 1 | References 3 | Affected Software 1

Cvelist
added 2022/04/07 1:23 a.m. | 13 views

CVE-2020-27376

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing Authentication...

8.7 AI score | 0.01045 EPSS
Exploits 1 | References 3

CVE
added 2022/04/07 1:23 a.m. | 46 views

CVE-2020-27376

The connected sources identify CVE-2020-27376 as an access-control vulnerability in Dr Trust USA iCheck Connect BP Monitor BP Testing 118, version 1.2.1, described as Missing Authentication. Affected product and version are stated; CVSS indicates HIGH severity (AVG 8.3–8.8 depending on metric set...

8.8 CVSS | 8.6 AI score | 0.01045 EPSS
Exploits 1 | References 3 | Affected Software 1

Vulnrichment
added 2022/04/04 7:45 p.m. | 6 views

CVE-2021-33008 AVEVA System Platform Missing Authentication for Critical Function

AVEVA System Platform versions 2017 through 2020 R2 P01 do not perform any authentication for functionality that requires a provable user identity...

8.8 CVSS | 9.2 AI score | 0.01078 EPSS
Exploits 0 | References 2

ATTACKERKB
added 2022/04/04 4:15 p.m. | 5 views

CVE-2022-0403

The Library File Manager WordPress plugin before 5.2.3 is using an outdated version of the elFinder library, which is known to be affected by security issues CVE-2021-32682, and does not have any authorisation as well as CSRF checks in its connector AJAX action, allowing any authenticated users,...

9.8 CVSS | 7.7 AI score | 0.69934 EPSS
Exploits 6 | References 2

OSV
added 2022/04/01 11:15 p.m. | 1 views

CVE-2020-14479

Sensitive information can be obtained through the handling of serialized data. The issue results from the lack of proper authentication required to query the server...

5.3 CVSS | 6.1 AI score
Exploits 0 | References 1

WPVulnDB
added 2022/03/29 12:0 a.m. | 19 views

Flo Launch < 2.4.1 - Missing Authentication Allow Full Site Takeover

The plugin injects code into wp-config.php when creating a cloned site, allowing any attacker to initiate a new site install by setting the flocustomtableprefix cookie to an arbitrary value. PoC On any website where flo-launch is active create cookie "flocustomtableprefix" with any string value t...

9.8 CVSS | 3.7 AI score | 0.01662 EPSS
Exploits 2 | Affected Software 1

ICS
added 2022/03/29 12:0 a.m. | 44 views

Philips e-Alert

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low attack complexity Vendor: Philips Equipment: e-Alert Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an unauthorized actor to...

6.5 CVSS | 6.9 AI score | 0.00381 EPSS
Exploits 0 | References 5