Fallos del tipo CWE-306

1719 resultados
CVE-2026-7844MEDIUMchatchat-space Langchain-Chatchat Compatible File Service openai_routes.py delete_file missing authenticationEPSS 0.3%CVE-2025-3319HIGHIBM Spectrum Protect Server authentication bypassEPSS 0.3%CVE-2025-62619MEDIUMMissing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrievEPSS 0.3%CVE-2024-48950HIGHAn issue was discovered in Logpoint before 7.5.0. An endpoint used by Distributed Logpoint Setup was exposed, allowing unauthenticated attacEPSS 0.3%CVE-2026-8185MEDIUMUGREEN CM933 Administrative missing authenticationEPSS 0.3%CVE-2025-11728MEDIUMOceanpayment CreditCard Gateway <= 6.0 - Missing Authentication to Unauthenticated Order Status UpdateEPSS 0.3%CVE-2019-25568CRITICALMemu Play 6.0.7 Privilege Escalation via Insecure File PermissionsEPSS 0.3%CVE-2018-19636HIGHLocal root exploit via inclusion of attacker controlled shell scriptEPSS 0.3%CVE-2023-46096MEDIUMA vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). The PUD Manager of affected products does not properly authentEPSS 0.3%CVE-2025-25068HIGHBypassing MFA Enforcement on Plugin EndpointsEPSS 0.3%CVE-2024-48953HIGHAn issue was discovered in Logpoint before 7.5.0. Endpoints for creating, editing, or deleting third-party authentication modules lacked proEPSS 0.3%CVE-2025-12477CRITICALServer Version DisclosureEPSS 0.3%CVE-2026-4476MEDIUMYi Technology YI Home Camera CGI Endpoint ipc missing authenticationEPSS 0.3%CVE-2025-36757MEDIUMBypass of administrator login screen in SolaX CloudEPSS 0.3%CVE-2026-42303MEDIUMFides: Privacy Request Identity Verification Bypass Vulnerability via Duplicate DetectionEPSS 0.3%CVE-2025-47850MEDIUMIn JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue cloningEPSS 0.3%CVE-2025-12476CRITICALResource Lacking AuthNEPSS 0.3%CVE-2026-46966HIGHVulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). SEPSS 0.3%CVE-2026-46934HIGHVulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite (component: Internal Operations). SEPSS 0.3%CVE-2026-44327CRITICALfree5GC: NEF nnef-oam route group is unauthenticated; no-token requests reach the OAM handlerEPSS 0.3%