Falhas do tipo CWE-306

1.704 resultados

CVE-2022-36983HIGHThis vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche. Authentication is not reqEPSS 4.7%CVE-2024-27890HIGHOn affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected (No SSL Profiles Enabled).EPSS 4.4%CVE-2025-71257MEDIUMBMC FootPrints ITSM 20.20.02 <= 20.24.01.001 Authentication BypassEPSS 4.4%CVE-2018-17924HIGHRockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could sEPSS 4.3%CVE-2022-26501CRITICALVeeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2).EPSS 4.3%KEV CVE-2025-34103CRITICALWePresent WiPG-1000 Unauthenticated Command Injection in via rdfs.cgiEPSS 4.2%CVE-2018-1164—This vulnerability allows remote attackers to cause a denial-of-service condition on vulnerable installations of ZyXEL P-870H-51 DSL Router EPSS 4.2%CVE-2024-3661HIGHDHCP routing options can manipulate interface-based VPN trafficEPSS 4.1%CVE-2026-0545CRITICALMissing Authentication for Critical Function in mlflow/mlflowEPSS 4.0%CVE-2022-25247CRITICALPTC Axeda agent and Axeda Desktop Server Missing Authentication For Critical FunctionEPSS 3.9%CVE-2025-34073CRITICALstamparm/maltrail <=0.54 Remote Command ExecutionEPSS 3.9%CVE-2021-42783—Missing Authentication in debug_post_set.cgi in D-Link DWR-932C E1 Firmware 1.0.0.4EPSS 3.8%CVE-2016-6544—iTrack Easy's getgps data can be modified without authenticationEPSS 3.4%CVE-2021-20990HIGHFibaro Home Center Unauthenticated access to shutdown, reboot and reboot to recovery modeEPSS 3.4%CVE-2018-10603—Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior do not perform authentication of IEC-104 control commEPSS 3.4%CVE-2018-4834CRITICALA vulnerability has been identified in Desigo PXC00-E.D V4.10 (All versions < V4.10.111), Desigo PXC00-E.D V5.00 (All versions < V5.0.171), EPSS 3.4%CVE-2014-125118CRITICALeScan 5.5-2 Web Management Console Command InjectionEPSS 3.3%CVE-2025-15517HIGHAuthorization Bypass in HTTP Server Endpoints on TP-Link Archer NX200, NX210, NX500 and NX600EPSS 3.1%CVE-2025-34101CRITICALServiio Media Server Unauthenticated Command Injection via checkStreamUrl VIDEO ParameterEPSS 3.1%CVE-2019-9201CRITICALMultiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make chanEPSS 3.1%

← anteriorpágina 8 / 86próxima →