CWE-306 vulnerabilities
1,717 results

| CVE | Severity | Description | EPSS |
| --- | --- | --- | --- |
| CVE-2025-2567 | CRITICAL | Lantronix Xport Missing Authentication for Critical Function | 0.4% |
| CVE-2022-50977 | HIGH | Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via HTTP | 0.4% |
| CVE-2024-21183 | HIGH | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are | 0.4% |
| CVE-2024-40405 | HIGH | Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows attackers to gain access to a secondary broker via | 0.4% |
| CVE-2024-40091 | MEDIUM | Vilo 5 Mesh WiFi System <= 5.16.1.33 lacks authentication in the Boa webserver, which allows remote, unauthenticated attackers to retrieve l | 0.4% |
| CVE-2026-0650 | CRITICAL | OpenFlagr <= 1.1.18 Authentication Bypass via Prefix Whitelist Path Normalization | 0.4% |
| CVE-2026-34279 | CRITICAL | Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Event Management). Supported | 0.4% |
| CVE-2024-30391 | MEDIUM | Junos OS: MX Series with SPC3, and SRX Series: When IPsec authentication is configured with "hmac-sha-384" and "hmac-sha-512" no authentication of traffic is performed | 0.4% |
| CVE-2024-33622 | MEDIUM | Missing authentication for critical function vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerabilit | 0.4% |
| CVE-2026-9371 | MEDIUM | ItzCrazyKns Vane API route.ts missing authentication | 0.4% |
| CVE-2023-27983 | MEDIUM | A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow deletion of r | 0.4% |
| CVE-2021-47731 | CRITICAL | Selea Targa IP Camera Developer Backdoor Configuration Overwrite | 0.4% |
| CVE-2026-35276 | HIGH | Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Application Server). Supported versions | 0.4% |
| CVE-2026-28766 | CRITICAL | Gardyn Cloud API Missing Authentication for Critical Function | 0.4% |
| CVE-2024-7015 | HIGH | Improper Authentication in Profelis Informatics and Consulting's PassBOX | 0.4% |
| CVE-2026-0647 | HIGH | Rockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities | 0.4% |
| CVE-2018-25137 | HIGH | FLIR Brickstream 3D+ 2.1.742.1842 Unauthenticated Config File Disclosure | 0.4% |
| CVE-2025-61777 | CRITICAL | FlagForge Allows Unauthenticated Badge Template API Access | 0.4% |
| CVE-2026-6579 | MEDIUM | liangliangyy DjangoBlog Clean Endpoint views.py missing authentication | 0.4% |
| CVE-2026-6588 | MEDIUM | serge-chat serge Model API Endpoint model.py delete_model missing authentication | 0.4% |