Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,428 vulnerabilities with CWE-306

CVE-2024-48791 HIGH

Plug n Play Camera com.starvedia.mCamView.zwave <5.5.1 - Info Discl...

CVE-2024-9137 CRITICAL

Moxa EDR-8010 Series < 3.12.1 - Unauthenticated Missing Authentication for Critical Function

CVE-2024-48777 HIGH

LEDVANCE Smartplus EU <2.1.10 - Info Disclosure

CVE-2024-48776 HIGH

Shelly com.home.shelly <1.0.4 - Info Disclosure

CVE-2024-48775 HIGH

Plug n Play Camera com.ezset.delaney 1.2.0 - Info Disclosure

CVE-2024-48774 HIGH

Fermax Asia Pacific Pte Ltd com.fermax.vida <2.4.6 - Info Disclosure

CVE-2024-48773 HIGH

WoFit 7.2.3 - Sensitive Information Exposure via Firmware Update Process

CVE-2024-48771 HIGH

Almando Play APP <1.8.2 - Info Disclosure

CVE-2024-48768 HIGH

appinventor.ai_google.almando_control <2.3.1 - Info Disclosure

CVE-2024-8530 MEDIUM

Missing Authentication - Info Disclosure

CVE-2024-9164 CRITICAL

GitLab 12.5.0-17.2.8, 17.3.0-17.3.4, 17.4.0-17.4.1 - Unauthenticated Pipeline Execution on Arbitrary Branches

CVE-2024-9522 HIGH

WP Users Masquerade <= 2.0.0 - Authenticated Authentication Bypass via ajax_masq_login Function

CVE-2024-43488 HIGH

Visual Studio Code Arduino Extension - Unauthenticated Remote Code Execution

CVE-2024-8943 CRITICAL

LatePoint Plugin <= 5.0.12 - Unauthenticated Authentication Bypass via User ID

CVE-2024-47555 HIGH

User & System Configuration - Info Disclosure

CVE-2024-41988 CRITICAL

TEM Opera Plus FM Family Transmitter - RCE

CVE-2024-35294 MEDIUM

Device Traffic Capture - Info Disclosure

CVE-2024-35293 CRITICAL

Unknown Device - Unauthenticated RCE

CVE-2024-9289 CRITICAL

WordPress WooCommerce Affiliate Program <= 8.4.1 - Authentication Bypass

CVE-2024-42017 CRITICAL

Atos Eviden iCare <2.7.11 - Privilege Escalation

CVE-2024-46293 CRITICAL

Sourcecodester Online Medicine Ordering System 1.0 - Unauthenticated Incorrect Access Control

CVE-2024-8456 CRITICAL

PLANET Technology - Unauthenticated RCE

CVE-2024-39364 MEDIUM

Advantech ADAM-5630 - Command Injection

CVE-2024-8310 CRITICAL

OPW Fuel Management Systems SiteSentinel - Auth Bypass

CVE-2024-6981 CRITICAL

OMNTEC Proteus Tank Monitoring OEL8000III Series - Auth Bypass

Previous Page 42 of 98 Next

Details

Vulnerabilities 2,428

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy