Fallos del tipo CWE-306
1708 resultadosCVE-2023-23444HIGHMissing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 10440EPSS 1.2%CVE-2025-12548CRITICALGithub.com/che-incubator/che-code: eclipse che — unauthenticated rce and secret exfiltration via tcp/3333EPSS 1.2%CVE-2025-6763CRITICALComet System H3531 Web-based Management setupA.cfg missing authenticationEPSS 1.2%CVE-2022-20858CRITICALCisco Nexus Dashboard Unauthorized Access VulnerabilitiesEPSS 1.2%CVE-2023-49693CRITICALNETGEAR ProSAFE Network Management System RCE via Unprotected Access to Java Debug Wire ProtocolEPSS 1.2%CVE-2020-3376HIGHCisco Data Center Network Manager Authentication Bypass VulnerabilityEPSS 1.2%CVE-2025-34223CRITICALVasion Print (formerly PrinterLogic) Insecure Installation CredentialsEPSS 1.2%CVE-2025-34130HIGHLILIN DVR Arbitrary File Read via net_html.cgiEPSS 1.1%CVE-2026-45087CRITICALDalfox: Unauthenticated Remote Code Execution via `found-action` in Dalfox Server ModeEPSS 1.1%CVE-2026-11429CRITICALPath Traversal in Altium Vault ScriptsController Allows Unauthenticated Remote Code ExecutionEPSS 1.1%CVE-2022-33138—A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All veEPSS 1.1%CVE-2022-25922MEDIUMICSA-22-063-01 Missing Authentication for Critical Function in Trailer Power Line Communications (PLC) J2497EPSS 1.1%CVE-2022-26026HIGHA denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.EPSS 1.1%CVE-2021-44222—A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The underlying MQTT service of affected systems dEPSS 1.1%CVE-2022-39426HIGHVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are PriorEPSS 1.1%CVE-2025-34116HIGHIPFire < 2.19 Core Update 101 proxy.cgi RCEEPSS 1.1%CVE-2018-14796—Tec4Data SmartCooler, all versions prior to firmware 180806, the device responds to a remote unauthenticated reboot command that may be usedEPSS 1.1%CVE-2020-10605—Grundfos CIM 500 before v06.16.00 responds to unauthenticated requests for password storage files.EPSS 1.1%CVE-2019-18230—Honeywell equIP and Performance series IP cameras, multiple versions, A vulnerability exists where the affected product allows unauthenticatEPSS 1.1%CVE-2024-43488HIGHVisual Studio Code extension for Arduino Remote Code Execution VulnerabilityEPSS 1.1%