Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,428 vulnerabilities with CWE-306

CVE-2025-2344 MEDIUM

IROAD Dash Cam X5-X6 <20250308 - Auth Bypass

CVE-2025-23194 MEDIUM

SAP NetWeaver Enterprise Portal OBN - Info Disclosure

CVE-2025-27256 HIGH

GE Vernova Enervista UR Setup - Auth Bypass

CVE-2025-1315 CRITICAL

Sfwebservice Injob < 3.5.1 - Missing Authentication

CVE-2025-27647 CRITICAL

Vasion Print < 20.0.2253 and Virtual Appliance < 22.0.913 - Unauthenticated Partial Admin User Addition

CVE-2025-27642 CRITICAL

Vasion Print < 20.0.2368 and Virtual Appliance < 22.0.933 - Unauthenticated Driver Package Editing

CVE-2025-24924 CRITICAL

GMOD Apollo < 2.8.0 - Unauthenticated Access to Administrative Functionality

CVE-2025-0159 CRITICAL

IBM Storage Virtualize Unauthenticated Authentication Bypass via RPCAdapter Endpoint

CVE-2025-1717 HIGH

Login Me Now < 1.7.2 - Unauthenticated Authentication Bypass via Arbitrary Transient Name

CVE-2025-21355 HIGH

Microsoft Bing - Unauthenticated Remote Code Execution

CVE-2025-25224 HIGH

LuxCal Web Calendar <5.3.3 - Info Disclosure

CVE-2025-24865 CRITICAL

mySCADA myPRO Manager - Info Disclosure

CVE-2025-1283 CRITICAL

Dingtian DT-R0 Series - Auth Bypass

CVE-2025-0896 CRITICAL

Orthanc < 1.5.8 - Unauthenticated Remote Access

CVE-2025-0108 CRITICAL KEV

Palo Alto Networks PAN-OS - Auth Bypass

CVE-2025-26366 HIGH

Q-Free MaxTime <= 2.11.0 - Unauthenticated Front Panel Authentication Bypass via Crafted HTTP Requests

CVE-2025-26365 HIGH

Q-Free MaxTime <= 2.11.0 - Unauthenticated Front Panel Authentication Bypass via Crafted HTTP Requests

CVE-2025-26364 HIGH

Q-Free MaxTime <= 2.11.0 - Unauthenticated Authentication Profile Disabling via HTTP Requests

CVE-2025-26363 HIGH

Q-Free MaxTime <= 2.11.0 - Unauthenticated Authentication Profile Server Enablement via HTTP Request

CVE-2025-26362 HIGH

Q-Free MaxTime <= 2.11.0 - Unauthenticated Authentication Profile Server Modification via HTTP Request

CVE-2025-26361 CRITICAL

Q-Free MaxTime <= 2.11.0 - Unauthenticated Factory Reset via HTTP Request

CVE-2025-26360 MEDIUM

Q-Free MaxTime <= 2.11.0 - Unauthenticated Dashboard Deletion via Crafted HTTP Requests

CVE-2025-26359 CRITICAL

Q-Free MaxTime <= 2.11.0 - Unauthenticated PIN Reset via HTTP Request

CVE-2025-26347 CRITICAL

Q-Free MaxTime <= 2.11.0 - Unauthenticated Permission Modification via HTTP Request

CVE-2025-26345 CRITICAL

Q-Free MaxTime <= 2.11.0 - Unauthenticated User Group Permission Modification via HTTP Request

Previous Page 35 of 98 Next

Details

Vulnerabilities 2,428

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy