Fallos del tipo CWE-306

1718 resultados
CVE-2025-12108CRITICALMissing Authentication for Critical Function Survision License Plate Recognition CameraEPSS 0.4%CVE-2013-10046HIGHAgnitum Outpost Internet Security Local Privilege EscalationEPSS 0.4%CVE-2025-2567CRITICALLantronix Xport Missing Authentication for Critical FunctionEPSS 0.4%CVE-2022-50977HIGHMultiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via HTTPEPSS 0.4%CVE-2024-21183HIGHVulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected areEPSS 0.4%CVE-2024-40405HIGHIncorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows attackers to gain access to a secondary broker viaEPSS 0.4%CVE-2024-40091MEDIUMVilo 5 Mesh WiFi System <= 5.16.1.33 lacks authentication in the Boa webserver, which allows remote, unauthenticated attackers to retrieve lEPSS 0.4%CVE-2024-10774HIGHSICK InspectorP61x and SICK InspectorP62x have unauthenticated CROWN APIsEPSS 0.4%CVE-2026-0650CRITICALOpenFlagr <= 1.1.18 Authentication Bypass via Prefix Whitelist Path NormalizationEPSS 0.4%CVE-2026-34279CRITICALVulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Event Management). Supported EPSS 0.4%CVE-2024-33622MEDIUMMissing authentication for critical function vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerabilitEPSS 0.4%CVE-2024-30391MEDIUMJunos OS: MX Series with SPC3, and SRX Series: When IPsec authentication is configured with "hmac-sha-384" and "hmac-sha-512" no authentication of traffic is performedEPSS 0.4%CVE-2026-58446MEDIUMPresenton < 0.8.8-beta - Authentication Bypass of Session Auth via Unprotected MCP EndpointEPSS 0.4%CVE-2021-47731CRITICALSelea Targa IP Camera Developer Backdoor Configuration OverwriteEPSS 0.4%CVE-2026-9371MEDIUMItzCrazyKns Vane API route.ts missing authenticationEPSS 0.4%CVE-2023-27983MEDIUMA CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow deletion of rEPSS 0.4%CVE-2026-35276HIGHVulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Application Server). Supported versions EPSS 0.4%CVE-2026-28766CRITICALGardyn Cloud API Missing Authentication for Critical FunctionEPSS 0.4%CVE-2026-0647HIGHRockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters – Multiple VulnerabilitiesEPSS 0.4%CVE-2024-7015HIGHImproper Authentication in Profelis Informatics and Consulting's PassBOXEPSS 0.4%