Weaknesses of type CWE-306

1,718 results
CVE-2022-43989HIGHPassword recovery vulnerability in SICK SIM2x00 (ARM) Partnumber 1092673 and 1081902 with firmware version < 1.2.0 allows an unprivileged reEPSS 0.8%CVE-2022-4980CRITICALGeneral Bytes Crypto Application Server (CAS) Unauthenticated Creation of Admin Account via Default-installation/First-admin PageEPSS 0.8%CVE-2024-22513MEDIUMdjangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources EPSS 0.8%CVE-2025-22252CRITICALA missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager version 7.2.5, and FoEPSS 0.8%CVE-2019-10941A vulnerability has been identified in SINEMA Server (All versions < V14 SP3). Missing authentication for functionality that requires adminiEPSS 0.8%CVE-2025-21535CRITICALVulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected areEPSS 0.8%CVE-2023-6595HIGHWhatsUp Gold Unauthenticated Access to an API EndpointEPSS 0.8%CVE-2023-49617CRITICALMachineSense FeverWarn Missing Authentication for Critical FunctionEPSS 0.8%CVE-2021-47891CRITICALUnified Remote 3.9.0.2463 - Remote Code ExecutionEPSS 0.8%CVE-2023-53774MEDIUMMiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol Remote Code ExecutionEPSS 0.8%CVE-2024-2921CRITICALImproper access control in PAM vault permissions in Devolutions Server 2024.1.10.0 and earlier allows an authenticated user with access to tEPSS 0.8%CVE-2025-26361CRITICALA CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free MaxTime less than or equal to version 2.11EPSS 0.8%CVE-2025-0456CRITICALNetVision Information airPASS - Missing AuthenticationEPSS 0.8%CVE-2025-9971CRITICALPlanet Technology|Industrial Cellular Gateway - Missing AuthenticationEPSS 0.8%CVE-2024-8196CRITICALMissing Authentication for Critical Function in mintplex-labs/anything-llmEPSS 0.8%CVE-2025-1907CRITICALInstantel Micromate Missing Authentication for Critical FunctionEPSS 0.8%CVE-2011-4190MEDIUMMissing verification of host key for kdump serverEPSS 0.8%CVE-2022-1368CRITICALCognex 3D-A1000 Dimensioning System Missing Authentication for Critical FunctionEPSS 0.8%CVE-2022-22809A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow modifications of the touch configurations in aEPSS 0.8%CVE-2024-5951HIGHDeep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service VulnerabilityEPSS 0.8%