Fallos del tipo CWE-306
1704 resultadosCVE-2025-59516HIGHWindows Storage VSP Driver Elevation of Privilege VulnerabilityEPSS 2.1%CVE-2025-34113HIGHTiki Wiki CMS Authenticated Command Injection in Calendar ModuleEPSS 2.1%CVE-2020-7389MEDIUMSage X3 Syracuse Missing Authentication for Critical Function in Developer EnvironmentEPSS 2.1%CVE-2017-3217—CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / resellerEPSS 2.0%CVE-2024-21855CRITICALA lack of authentication vulnerability exists in the HTTP API functionality of GoCast 1.1.3. A specially crafted HTTP request can lead to arEPSS 2.0%CVE-2023-2231CRITICALMAXTECH MAX-G866ac Remote Management missing authenticationEPSS 2.0%CVE-2025-34112CRITICALRiverbed SteelCentral NetProfiler / NetExpress 10.8.7 RCEEPSS 2.0%CVE-2019-18572HIGHThe RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain an Improper AuthenticatioEPSS 2.0%CVE-2020-7589—A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). The vulnerability could lead to an attacker readinEPSS 2.0%CVE-2015-7559LOWIt was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker loEPSS 2.0%CVE-2014-9197—Schneider Electric ETG3000 FactoryCast HMI Gateway Missing Authentication for Critical FunctionEPSS 2.0%CVE-2014-125124CRITICALPandora FMS <= 5.0RC1 Anyterm Unauthenticated Command InjectionEPSS 1.8%CVE-2021-20198—A flaw was found in the OpenShift Installer before version v0.9.0-master.0.20210125200451-95101da940b0. During installation of OpenShift ConEPSS 1.8%CVE-2024-8321MEDIUMMissing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attaEPSS 1.8%CVE-2026-4810CRITICALRemote Code Execution in Google Agent Development Kit (ADK)EPSS 1.8%CVE-2018-4840—A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3 variant (All versions < V1.05.00), EN100 EEPSS 1.8%CVE-2022-25251CRITICALPTC Axeda agent and Axeda Desktop Server Missing Authentication For Critical FunctionEPSS 1.8%CVE-2023-46819MEDIUMApache OFBiz: Execution of Solr plugin queries without authenticationEPSS 1.8%CVE-2026-26235HIGHJUNG Smart Visu Server 1.1.1050 - 'JUNG Smart Visu Server' Missing AuthenticationEPSS 1.8%CVE-2019-1876MEDIUMCisco Wide Area Application Services Software HTTPS Proxy Authentication Bypass VulnerabilityEPSS 1.8%