Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,428 vulnerabilities with CWE-306

CVE-2024-10205 CRITICAL

Hitachi Ops Center Analyzer <11.0.3.00 - Auth Bypass

CVE-2024-11639 CRITICAL

Ivanti Cloud Services Appliance < 5.0.3 - Unauthenticated Authentication Bypass in Admin Web Console

CVE-2024-10776 HIGH

SICK InspectorP61x and InspectorP62x < 5.0.0 - Unauthenticated Arbitrary Lua App Deployment via AppManager

CVE-2024-10774 HIGH

SICK InspectorP61x and InspectorP62x < 5.0.0 - Unauthenticated Critical Function Access via CROWN APIs

CVE-2024-54155 LOW

JetBrains YouTrack <2024.3.51866 - Info Disclosure

CVE-2024-54153 LOW

JetBrains YouTrack <2024.3.51866 - Info Disclosure

CVE-2024-42456 HIGH

Veeam Backup & Replication - Privilege Escalation

CVE-2024-42455 HIGH

Veeam Backup & Replication - Use After Free

CVE-2024-40717 HIGH

Veeam Backup & Replication 12.0.0.1402-12.3.0.310 - Remote Code Execution via Job Script Update

CVE-2024-37303 MEDIUM

Synapse < 1.106.0 - Unauthenticated Media Repository Cache Poisoning via Remote Media Download

CVE-2024-50381 HIGH

Snap One OVRC cloud - Privilege Escalation

CVE-2024-53623 HIGH

TP-Link ARCHER-C7 <5 - Info Disclosure

CVE-2024-53701 LOW

FCNT arrows N F-51C < V51R057C - Unauthenticated Security Feature Bypass via Direct Device Access

CVE-2024-11980 HIGH

Billion Electric Router - Info Disclosure

CVE-2024-49052 HIGH

Microsoft Azure PolicyWatch - Unauthenticated Privilege Escalation

CVE-2024-50375 CRITICAL

Advantech EKI-6333AC-2G/2GD/1GPO Firmware - Unauthenticated OS Command Injection via edgserver Service

CVE-2024-11680 CRITICAL KEV

ProjectSend < r1720 - Unauthenticated Configuration Modification via options.php

CVE-2024-33616 MEDIUM

Sharp and Toshiba Tec MFPs - Unauthenticated Admin Authentication Bypass

CVE-2024-47138 CRITICAL

mySCADA myPRO Manager < 1.3 and myPRO Runtime < 9.2.1 - Unauthenticated Administrative Interface Access

CVE-2024-5721 HIGH

Logsign Unified SecOps Platform 6.4.6-6.4.8 - Unauthenticated Remote Code Execution via Cluster HTTP API

CVE-2024-5718 HIGH

Logsign Unified SecOps Platform 6.4.6-6.4.7 - Unauthenticated Remote Code Execution via Cluster HTTP API

CVE-2024-38643 CRITICAL

Notes Station 3 3.9.0-3.9.6 - Unauthenticated Remote Function Execution

CVE-2024-21855 CRITICAL

GoCast 1.1.3 - Unauthenticated Remote Code Execution via HTTP API

CVE-2024-52438 HIGH

deco.Agency de:branding <1.0.2 - Privilege Escalation

CVE-2024-52437 HIGH

Banner System <1.0.0 - Privilege Escalation

Previous Page 39 of 98 Next

Details

Vulnerabilities 2,428

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy