Fallos del tipo CWE-306

1704 resultados
CVE-2019-3917The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 allows a remote, unauthenticated attacker to enable telnetd on thEPSS 2.4%CVE-2024-37152MEDIUMUnauthenticated Access to sensitive settings in Argo CDEPSS 2.3%CVE-2017-12733A Missing Authentication for Critical Function issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100, SiteSentinel InEPSS 2.3%CVE-2020-12017GE Grid Solutions Reason RT Clocks, RT430, RT431, and RT434, all firmware versions prior to 08A05. The device’s vulnerability in the web appEPSS 2.3%CVE-2025-34115HIGHOP5 Monitor <= 7.1.9 Authenticated Command Execution via command_test.phpEPSS 2.3%CVE-2025-34100CRITICALBuilderEngine 3.5.0 RCE via Unauthenticated Arbitrary File UploadEPSS 2.3%CVE-2021-39233Container-related datanode operations can be called without authorizationEPSS 2.3%CVE-2018-4853A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to porEPSS 2.3%CVE-2026-39363HIGHVite Affected by Arbitrary File Read via Vite Dev Server WebSocketEPSS 2.3%CVE-2019-5163MEDIUMAn exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream CiphEPSS 2.3%CVE-2019-1895CRITICALCisco Enterprise NFV Infrastructure Software VNC Authentication Bypass VulnerabilityEPSS 2.3%CVE-2022-45378CRITICALApache SOAP allows unauthenticated users to potentially invoke arbitrary codeEPSS 2.3%CVE-2021-1393CRITICALCisco Application Services Engine Unauthorized Access VulnerabilitiesEPSS 2.3%CVE-2019-1631MEDIUMCisco Integrated Management Controller Information Disclosure VulnerabilityEPSS 2.2%CVE-2022-45477CRITICALTelepad allows remote unauthenticated users to send instructions to the server to execute arbitrary code without any previous authorization EPSS 2.2%CVE-2020-6769CRITICALMissing Authentication for Critical Function in Bosch Video Streaming GatewayEPSS 2.2%CVE-2026-2624CRITICALAuthentication Bypass in ePati's Antikor NGFWEPSS 2.2%CVE-2018-0181HIGHCisco Policy Suite for Mobile and Cisco Policy Suite Diameter Routing Agent Software Redis Server Unauthenticated Access VulnerabilityEPSS 2.2%CVE-2020-3531CRITICALCisco IoT Field Network Director Unauthenticated REST API VulnerabilityEPSS 2.2%CVE-2020-7540A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon QuantuEPSS 2.1%