Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,430 vulnerabilities with CWE-306

CVE-2024-1573 MEDIUM

Mitsubishi Electric GENESIS64 <10.97.2 - Auth Bypass

CVE-2024-31916 HIGH

IBM OpenBMC FW1050.00-FW1050.10 - Info Disclosure

CVE-2024-0949 CRITICAL

Talya Informatics Elektraweb <17.0.68 - Auth Bypass

CVE-2024-33622 MEDIUM

ID Link Manager/FUJITSU Software TIME CREATOR - Info Disclosure

CVE-2024-37368 HIGH

Rockwell Automation FactoryTalk View SE 11.0-13.0 - Unauthenticated HMI Project Access

CVE-2024-27169 HIGH

Toshiba Tec e-Studio multi-function peripheral (MFP) - Missing Authentication for Critical Function

CVE-2024-5952 MEDIUM

Deep Sea Electronics DSE855 - Unauthenticated Denial-of-Service via Web-Based UI

CVE-2024-5951 MEDIUM

Deep Sea Electronics DSE855 - Unauthenticated Denial of Service via Factory Reset

CVE-2024-5947 MEDIUM

Deep Sea Electronics DSE855 Firmware - Unauthenticated Information Disclosure via Configuration Backup

CVE-2024-38279 MEDIUM

Motorola Vigilant Fixed LPR COMS Box Firmware <= 3.1.171.9 - Authentication Bypass

CVE-2024-2013 CRITICAL

HitachiEnergy FOXMAN-UN/UNEM - Unauthenticated Authentication Bypass in API Gateway

CVE-2024-32752 CRITICAL

Johnson Controls iSTAR Configuration Utility (ICU) - Unauthenticated Access to iSTAR Door Controllers

CVE-2024-22326 MEDIUM

IBM System Storage DS8900F - Auth Bypass

CVE-2024-37152 MEDIUM

Argo CD 2.9.3-2.9.16 - Unauthenticated Sensitive Settings Exposure via /api/v1/settings Endpoint

CVE-2024-1662 HIGH

PORTY PowerBank < 2.02 - Unauthenticated Sensitive Data Exposure

CVE-2024-31684 LOW

Bitdefender Mobile Security <4.11.3 - Auth Bypass

CVE-2024-4332 CRITICAL

Tripwire Enterprise 9.1.0 - Auth Bypass

CVE-2024-0336 CRITICAL

EMTA Grup PDKS <20240603 - Info Disclosure

CVE-2024-36388 CRITICAL

MileSight DeviceHub - Info Disclosure

CVE-2024-36470 HIGH

JetBrains TeamCity <2022.04.7,2022.10.6,2023.05.6,2023.11.5 - Auth ...

CVE-2024-35342 MEDIUM

Anpviz Multiple IPC & YM Series - Unauthenticated Critical Function Access

CVE-2024-5143 MEDIUM

HP HP Printer Firmware <= 002_2413A - SMTP Credential Exposure

CVE-2024-20391 MEDIUM

Cisco Secure Client - Privilege Escalation

CVE-2024-27942 HIGH

RUGGEDCOM CROSSBOW < 5.5 - Unauthenticated Denial of Service via User Disconnection

CVE-2024-32735 CRITICAL

CyberPower PowerPanel < 2.8.3 - Unauthenticated PDNU REST API Access

Previous Page 45 of 98 Next

Details

Vulnerabilities 2,430

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy