Fallos del tipo CWE-306
1707 resultadosCVE-2025-34215CRITICALVasion Print (formerly PrinterLogic) Unauthenticated Firmware Update Endpoint RCEEPSS 1.1%CVE-2024-6592CRITICALWatchGuard Firebox Single Sign-On Agent Protocol Authorization BypassEPSS 1.0%CVE-2024-39273CRITICALA firmware update vulnerability exists in the fw_check.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP requeEPSS 1.0%CVE-2023-33553CRITICALAn issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication and escalate privileges to root via manipulEPSS 1.0%CVE-2023-37483CRITICALImproper Access Control Vulnerabilities in SAP PowerDesignerEPSS 1.0%CVE-2020-3333MEDIUMCisco Application Services Engine Software Unauthenticated Event Policies Update VulnerabilityEPSS 1.0%CVE-2025-59090CRITICALUnauthenticated SOAP API in dormakaba Kaba exos 9300EPSS 1.0%CVE-2025-32896MEDIUMApache SeaTunnel: Unauthenticated insecure accessEPSS 1.0%CVE-2019-13549—Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 – B1.2.4. The authentication mechanism on affected syEPSS 1.0%CVE-2017-6873—A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that could allow an attacker to read and manipulatEPSS 1.0%CVE-2021-3589—An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can acEPSS 1.0%CVE-2020-14140HIGHWhen Xiaomi router firmware is updated in 2020, there is an unauthenticated API that can reveal WIFI password vulnerability. This vulnerabilEPSS 1.0%CVE-2025-26339CRITICALA CWE-306 "Missing Authentication for Critical Function" in maxtime/handleRoute.lua in Q-Free MaxTime less than or equal to version 2.11.0 aEPSS 1.0%CVE-2025-26341CRITICALA CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q-Free MaxTime less than or equal to version 2EPSS 1.0%CVE-2025-26347CRITICALA CWE-306 "Missing Authentication for Critical Function" in maxprofile/menu/routes.lua in Q-Free MaxTime less than or equal to version 2.11.EPSS 1.0%CVE-2025-26342CRITICALA CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q-Free MaxTime less than or equal to version 2EPSS 1.0%CVE-2025-26344CRITICALA CWE-306 "Missing Authentication for Critical Function" in maxprofile/guest-mode/routes.lua in Q-Free MaxTime less than or equal to versionEPSS 1.0%CVE-2025-26345CRITICALA CWE-306 "Missing Authentication for Critical Function" in maxprofile/menu/routes.lua in Q-Free MaxTime less than or equal to version 2.11.EPSS 1.0%CVE-2019-16004MEDIUMCisco Vision Dynamic Signage Director Authentication Bypass VulnerabilityEPSS 1.0%CVE-2024-28179CRITICALJupyter Server Proxy's Websocket Proxying does not require authenticationEPSS 1.0%