Fallos del tipo CWE-306

1715 resultados
CVE-2023-34392HIGHMissing Authentication for Critical FunctionEPSS 0.5%CVE-2026-4272HIGHCVE-2026-4272 - Bluetooth Remote Execution of System Commands VulnerabilityEPSS 0.5%CVE-2025-65112CRITICALPubNet Critical Authentication Bypass Allows Unauthenticated Package Upload and Identity SpoofingEPSS 0.5%CVE-2026-46922HIGHVulnerability in the Oracle HR Intelligence product of Oracle E-Business Suite (component: Internal Operations). Supported versions that arEPSS 0.5%CVE-2024-48920CRITICALPutongOJ: unprivileged users can escalate privileges by constructing requestsEPSS 0.5%CVE-2025-70146CRITICALMissing authentication in multiple administrative action scripts under /admin/ in ProjectWorlds Online Time Table Generator 1.0 allows remotEPSS 0.5%CVE-2023-0116HIGHThe reminder module lacks an authentication mechanism for broadcasts received. Successful exploitation of this vulnerability may affect avaiEPSS 0.5%CVE-2023-24527MEDIUMImproper Access Control in SAP NetWeaver AS Java for Deploy ServiceEPSS 0.5%CVE-2025-10204HIGHUnauth Admin Reset Password on AC Smart IIEPSS 0.5%CVE-2021-36780HIGHUnauthorized data access from replicas through vulnerable instance manager podsEPSS 0.5%CVE-2023-5253MEDIUMCheck Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0EPSS 0.5%CVE-2022-50978HIGHMultiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via Modbus (TCP)EPSS 0.4%CVE-2025-70147HIGHMissing authentication in /admin/student.php and /admin/teacher.php in ProjectWorlds Online Time Table Generator 1.0 allows remote attackersEPSS 0.4%CVE-2024-43798HIGHChisel AUTH environment variable not respected in server entrypointEPSS 0.4%CVE-2026-4312CRITICALDrangSoft|GCB/FCB Audit Software - Missing AuthenticationEPSS 0.4%CVE-2025-26360MEDIUMA CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in Q-Free MaxTime less than or equal to versioEPSS 0.4%CVE-2026-27595CRITICALParse Dashboard has incomplete authentication on AI Agent endpointEPSS 0.4%CVE-2026-2234CRITICALHGiga|C&Cm@il - Missing AuthenticationEPSS 0.4%CVE-2026-24790HIGHWelker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller Missing Authentication for Critical FunctionEPSS 0.4%CVE-2026-24068HIGHMissing XPC Client & NSXPC endpoint validation leads to privilege escalation in Vienna Assistant (MacOS) - Vienna Symphonic LibraryEPSS 0.4%