Falhas do tipo CWE-306
1.714 resultadosCVE-2026-2754HIGHNavtor NavBox exposes sensitive configuration and operational data due to missing authentication on HTTP API endpoints. An unauthenticated rEPSS 0.5%CVE-2022-32503HIGHAn issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to this JTAG port may be able to connect toEPSS 0.5%CVE-2024-9137HIGHMoxa Service Missing Authentication for Critical FunctionEPSS 0.5%CVE-2024-12757HIGHNedap Librix Ecoreader Missing Authentication for Critical FunctionEPSS 0.5%CVE-2026-32296HIGHSipeed NanoKVM unauthenticated Wi-Fi configuration endpointEPSS 0.5%CVE-2024-48774HIGHAn issue in Fermax Asia Pacific Pte Ltd com.fermax.vida 2.4.6 allows a remote attacker to obtain sensitve information via the firmware updatEPSS 0.5%CVE-2025-3461CRITICALON Semiconductor Quantenna Telnet Missing AuthenticationEPSS 0.5%CVE-2023-51062MEDIUMAn unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE_3-0 Build 7 Patch 0 allows attackers toEPSS 0.5%CVE-2022-31701MEDIUMVMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. VMware has evaluated the severity of this isEPSS 0.5%CVE-2025-29870HIGHMissing authentication for critical function vulnerability exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, a remote unauthenticaEPSS 0.5%CVE-2023-25013HIGHAn issue was discovered in the femanager extension before 5.5.3, 6.x before 6.3.4, and 7.x before 7.1.0 for TYPO3. Missing access checks in EPSS 0.5%CVE-2024-3281HIGHA vulnerability was discovered in the firmware builds after 8.0.2.3267 and prior to 8.1.3.1301 in CCX devices. A flaw in the firmware build EPSS 0.5%CVE-2025-34039CRITICALYonyou NC BeanShell Command InjectionEPSS 0.5%CVE-2024-47902MEDIUMA vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All veEPSS 0.5%CVE-2025-7114MEDIUMSimStudioAI sim Session route.ts POST missing authenticationEPSS 0.5%CVE-2026-49257CRITICALmcp-pinot: Unauthenticated tool invocation via default oauth_enabled=False + host 0.0.0.0 bindEPSS 0.5%CVE-2026-6376HIGHMissing authentication for critical function in SpiceJet Online Booking SystemEPSS 0.5%CVE-2026-33203HIGHSiYuan has an Unauthenticated WebSocket DoS via Auth Keepalive BypassEPSS 0.5%CVE-2025-34230MEDIUMVasion Print (formerly PrinterLogic) Blind SSRF via HP log_off_single_sign_on.phpEPSS 0.5%CVE-2025-34229MEDIUMVasion Print (formerly PrinterLogic) Blind SSRF via HP installApp.phpEPSS 0.5%