Falhas do tipo CWE-306

1.718 resultados
CVE-2025-54848HIGHA denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A speEPSS 0.4%CVE-2026-25878MEDIUMFroshAdminer Adminer UI is accessible without admin sessionEPSS 0.4%CVE-2024-43272MEDIUMWordPress Icegram Engage plugin <= 3.1.24 - Unauthenticated Unpublished Campaign Viewer vulnerabilityEPSS 0.4%CVE-2026-46919CRITICALVulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). Supported versions that EPSS 0.4%CVE-2026-7113MEDIUMNousResearch hermes-agent Webhooks Endpoint webhook.py missing authenticationEPSS 0.4%CVE-2025-14349HIGHBusiness Logic Error in Universal Software's FlexCity/KioskEPSS 0.4%CVE-2025-41716MEDIUMUnauthenticated User Enumeration via Missing AuthenticationEPSS 0.4%CVE-2026-34200HIGHNhost CLI MCP Server: Missing Inbound Authentication on Explicitly Bound Network PortEPSS 0.4%CVE-2025-59345HIGHDragonfly did not enable authentication for some Manager’s endpointsEPSS 0.4%CVE-2024-7079MEDIUMOpenshift-console: unauthenticated installation of helm chartsEPSS 0.4%CVE-2023-30612MEDIUMMalicious HTTP requests could close arbitrary opening file descriptors in cloud-hypervisorEPSS 0.4%CVE-2026-0842MEDIUMFlycatcher Toys smART Sketcher Bluetooth Low Energy missing authenticationEPSS 0.4%CVE-2025-54864MEDIUMHydra missing authentication when triggering evaluations through GitHub and Gitea pluginsEPSS 0.4%CVE-2026-50287HIGHMissing Authentication for Critical Function in @agenticmail/mcpEPSS 0.4%CVE-2018-25241HIGHVPN Browser+ 1.1.0.0 Denial of ServiceEPSS 0.4%CVE-2026-27449HIGHUmbraco.Engage.Forms Allows Unauthorized Access to Multiple API EndpointsEPSS 0.4%CVE-2016-15045HIGHDeepin lastore-daemon Privilege Escalation via Unsigned .deb InstallationEPSS 0.4%CVE-2024-3774MEDIUMaEnrich Technology a+HRD - Exposure of Sensitive DataEPSS 0.4%CVE-2018-25246HIGHWikipedia 12.0 Denial of Service via SearchEPSS 0.4%CVE-2025-43983CRITICALKuWFi CPF908-CP5 WEB5.0_LCD_20210125 devices have multiple unauthenticated access control vulnerabilities within goform/goform_set_cmd_proceEPSS 0.4%