Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,428 vulnerabilities with CWE-306

CVE-2024-47865 MEDIUM

Rakuten Turbo 5G <= V1.3.18 - Unauthenticated Firmware Update

CVE-2024-0012 CRITICAL KEV

Palo Alto Networks PAN-OS 10.2 11.0 11.1 11.2 - Unauthenticated Authentication Bypass

CVE-2024-41969 HIGH

WAGO CC100, PFC100 G2, PFC200 G2, TP600, Edge Controller < 4.5.10 (FW27) - Missing Authentication

CVE-2024-41968 MEDIUM

WAGO CC100, PFC100 G2, PFC200 G2, TP600, Edge Controller < 4.5.10 (FW27) - DoS via Docker Settings

CVE-2024-41967 HIGH

Device <unknown> - Privilege Escalation

CVE-2024-10924 CRITICAL

WordPress Really Simple SSL Plugin Authentication Bypass to RCE

CVE-2024-48966 CRITICAL

Baxter Life2000 Ventilation System < 06.08.00.00 - Unauthenticated Info Disclosure & Settings Manipulation

CVE-2024-39707 MEDIUM

Insyde IHISI - Privilege Escalation

CVE-2024-40408 HIGH

Cybele Software Thinfinity Workspace <7.0.2.113 - Privilege Escalation

CVE-2024-40405 HIGH

Cybele Software Thinfinity Workspace <7.0.3.109 - Privilege Escalation

CVE-2024-40404 CRITICAL

Cybele Software Thinfinity Workspace <7.0.2.113 - Privilege Escala...

CVE-2024-47574 HIGH

Fortinet FortiClientWindows <7.4.0 - Privilege Escalation

CVE-2024-7516 HIGH

Brocade Fabric OS < 9.2.2 - Unauthenticated Service Session Hijacking via SSH Key Forgery

CVE-2024-26011 MEDIUM

Fortinet Fortios < 7.0.15 - Missing Authentication

CVE-2024-8074 CRITICAL

Nomysoft Informatics Nomysem <13.10.2024 - Info Disclosure

CVE-2024-10284 CRITICAL

CE21 Suite plugin <2.2.0 - Auth Bypass

CVE-2024-50589 HIGH

HASOMED Elefant < 24.04.00 - Unauthenticated Sensitive Data Exposure via FHIR API

CVE-2024-48953 HIGH

Logpoint SIEM < 7.5.0 - Unauthenticated Authentication Bypass via Third-Party Module Endpoints

CVE-2024-48952 MEDIUM

Logpoint SOAR < 7.5.0 - Unauthenticated API Access via Static JWT Key

CVE-2024-48950 HIGH

Logpoint SIEM < 7.5.0 - Unauthenticated Authentication Bypass via Distributed Setup Endpoint

CVE-2024-51493 MEDIUM

OctoPrint <= 1.10.2 - Unverified Password Change via Stolen API Key

CVE-2024-51362 MEDIUM

LSC Smart Connect Indoor IP Camera V7.6.32 - Info Disclosure

CVE-2024-9430 MEDIUM

Get Quote For Woocommerce <1.0.0 - Info Disclosure

CVE-2024-51567 CRITICAL KEV

CyberPanel Multi CVE Pre-auth RCE

CVE-2024-50488 HIGH

Token Login <= 1.0.3 - Authentication Bypass

Previous Page 40 of 98 Next

Details

Vulnerabilities 2,428

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy