Weaknesses of type CWE-306
1,719 resultsCVE-2024-4332CRITICALImproper Authentication in Tripwire Enterprise 9.1.0 APIsEPSS 0.6%CVE-2026-25593HIGHOpenClaw Affected by Unauthenticated Local RCE via WebSocket config.applyEPSS 0.6%CVE-2022-34908HIGHAn issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses an authentication mechanism; however, some fEPSS 0.6%CVE-2026-26288CRITICALEveron api.everon.io Missing Authentication for Critical FunctionEPSS 0.6%CVE-2022-50593CRITICALAdvantech iView < v5.7.04 Build 6425 search_term Parameter SQL Injection RCEEPSS 0.6%CVE-2025-9983HIGHLack of Authentication for RTSP streamEPSS 0.6%CVE-2023-21979HIGHVulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected areEPSS 0.6%CVE-2023-5716CRITICALASUS Armoury Crate - Arbitrary File WriteEPSS 0.6%CVE-2025-34069CRITICALGFI Kerio Control GFIAgent Authentication Bypass via Proxy ForwardingEPSS 0.6%CVE-2025-68715CRITICALAn issue was discovered in Panda Wireless PWRU0 devices with firmware 2.2.9 that exposes multiple HTTP endpoints (/goform/setWan, /goform/seEPSS 0.6%CVE-2025-63389CRITICALA critical authentication bypass vulnerability exists in Ollama platform's API endpoints in versions prior to and including v0.12.3. The plaEPSS 0.6%CVE-2025-58083CRITICALGeneral Industrial Controls Lynx+ Gateway Missing Authentication for Critical FunctionEPSS 0.6%CVE-2026-10243MEDIUMcode-projects Smart Parking System Admin Endpoint missing authenticationEPSS 0.6%CVE-2023-28470MEDIUMIn Couchbase Server 5 through 7 before 7.1.4, the nsstats endpoint is accessible without authentication.EPSS 0.6%CVE-2025-1701HIGHLocal Privilege Escalation in MIM Admin ServiceEPSS 0.6%CVE-2025-12003HIGHA path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact the integrity of thEPSS 0.6%CVE-2021-32709MEDIUMCreation of order credits was not validated by acl in admin ordersEPSS 0.6%CVE-2025-7897MEDIUMharry0703 MoneyPrinterTurbo API Endpoint base.py verify_token missing authenticationEPSS 0.6%CVE-2025-53938MEDIUMWeGIA vulnerable to Authentication Bypass due to Missing Session Validation in multiple endpointsEPSS 0.6%CVE-2022-45433LOWSome Dahua software products have a vulnerability of unauthenticated traceroute host from remote DSS Server. After bypassing the firewall acEPSS 0.6%