Weaknesses of type CWE-306

1,720 results
CVE-2025-66377HIGHPexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker (who already hEPSS 0.2%CVE-2026-54317HIGHHome Assistant: Konnected alarm-panel switch state and zone topology disclosed to unauthenticated actors on the LANEPSS 0.2%CVE-2025-13870LOWUnauthorized access and subscription vulnerability in BoardsEPSS 0.2%CVE-2025-58318MEDIUMDIAView - Authentication Bypass VulnerabilityEPSS 0.2%CVE-2024-54013HIGHAuthentication BypassEPSS 0.2%CVE-2023-32460HIGH Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially eEPSS 0.2%CVE-2026-8706MEDIUMSensitive user data could be leaked to other applications through Reader modeEPSS 0.2%CVE-2026-26027HIGHGLPI has an Unauthenticated Stored XSS via inventoryEPSS 0.2%CVE-2018-25224HIGHPMS 0.42 Stack-Based Buffer Overflow via Configuration FileEPSS 0.2%CVE-2025-9214MEDIUMA missing authentication vulnerability was reported in some Lenovo printers that could allow a user to view limited device information or moEPSS 0.2%CVE-2025-44004HIGHUnauthenticated Channel Subscription Creation in Mattermost Confluence PluginEPSS 0.2%CVE-2021-26264MEDIUMEmerson DeltaV Missing Authentication for Critical FunctionEPSS 0.2%CVE-2018-25259HIGHTerminal Services Manager 3.1 Buffer Overflow SEHEPSS 0.2%CVE-2025-9160HIGHRockwell Automation CompactLogix® 5480 Code Execution VulnerabilityEPSS 0.2%CVE-2024-35342MEDIUMCertain Anpviz products allow unauthenticated users to modify or disable camera related settings such as microphone volume, speaker volume, EPSS 0.2%CVE-2020-12491MEDIUMFramework Information Disclosure VulnerabilityEPSS 0.2%CVE-2025-66445HIGHAuthorization bypass vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center AnalyzerEPSS 0.2%CVE-2024-35295MEDIUMA vulnerability has been identified in Perfect Harmony GH180 (All versions >= V8.0 < V8.3.3 with NXGPro+ controller manufactured between AprEPSS 0.2%CVE-2026-32231HIGHZeptoClaw: Generic webhook channel trusts caller-supplied identity fields; allowlist is checked against untrusted payload dataEPSS 0.2%CVE-2025-60251MEDIUMUnitree Go2, G1, H1, and B2 devices through 2025-09-20 accept any handshake secret with the unitree substring.EPSS 0.2%