Fallos del tipo CWE-306
1722 resultadosCVE-2025-60251MEDIUMUnitree Go2, G1, H1, and B2 devices through 2025-09-20 accept any handshake secret with the unitree substring.EPSS 0.2%CVE-2023-25493MEDIUMA potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart Edge, Smart Office, and ThinkStation products EPSS 0.2%CVE-2025-40816HIGHA vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA2) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA2) (All versionEPSS 0.2%CVE-2026-6348CRITICALSimopro Technology|WinMatrix - Missing AuthenticationEPSS 0.2%CVE-2026-44211CRITICALCline Kanban Server has a Cross-Origin WebSocket Hijacking VulnerabilityEPSS 0.2%CVE-2026-1264HIGHIBM Sterling B2B Integrator and IBM Sterling File Gateway Improper Access ControlsEPSS 0.2%CVE-2026-6673MEDIUMMattermost Jira plugin had unauthenticated {{/ac/installed}} lifecycle callback during pending Jira Cloud installEPSS 0.2%CVE-2024-55538MEDIUMSensitive information disclosure due to missing authentication. The following products are affected: Acronis True Image (macOS) before buildEPSS 0.2%CVE-2023-52949MEDIUMMissing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent befoEPSS 0.2%CVE-2025-62287MEDIUMVulnerability in the Oracle Life Sciences InForm product of Oracle Health Sciences Applications (component: Web Server). The supported verEPSS 0.2%CVE-2025-15515MEDIUMThe authentication mechanism for a specific feature in the EasyShare module contains a vulnerability. If specific conditions are met on a loEPSS 0.2%CVE-2026-42312MEDIUMpyload-ng: non-admin SETTINGS users can disable outbound TLS peer verificationEPSS 0.2%CVE-2023-4516HIGH
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update
Service that could allow a local attacker tEPSS 0.2%CVE-2025-12941MEDIUMDenial of Service Vulnerability in NETGEAR C6220 and C6230EPSS 0.2%CVE-2026-13325HIGHVirt-handler-rhel9: kubevirt: kubevirt: disabletls migration setting removes authentication, exposing unauthenticated virtqemud proxy on all interfacesEPSS 0.2%CVE-2020-9062—Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version 1.1.30 do not encrypt, authenticate, or verify the integrity of messaEPSS 0.2%CVE-2024-22449MEDIUM
Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerability. A low privileEPSS 0.2%CVE-2025-54158HIGHMissing authentication for critical function vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local userEPSS 0.2%CVE-2026-11238MEDIUMInappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicEPSS 0.2%CVE-2025-30040CRITICALMissing authentication in API returning request logs containing session IDsEPSS 0.2%