Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,430 vulnerabilities with CWE-306

CVE-2024-25618 MEDIUM

Mastodon < 3.5.18 - Account Takeover via External Authentication Provider Email Matching

CVE-2024-23783 HIGH

Sharp JH-RVB1 and JH-RV11 Firmware < b0.1.9.1 - Unauthenticated Access to Energy Management Controller

CVE-2024-23917 CRITICAL

JetBrains TeamCity > 2023.11.3 - Authentication Bypass

CVE-2024-22449 MEDIUM

Dell PowerScale OneFS <9.6.0.x - Privilege Escalation

CVE-2024-23618 CRITICAL

Arris SURFboard SBG6950AC2 Firmware - Unauthenticated Remote Code Execution

CVE-2024-21619 MEDIUM

Juniper Junos OS Unauthenticated Configuration Information Disclosure via Temporary Cache File

CVE-2024-22415 HIGH

jupyter-lsp < 2.2.2 - Unauthenticated Improper Access Control

CVE-2024-22212 CRITICAL

Nextcloud Global Site Selector 1.1.0-1.4.0 - Authentication Bypass via Password Verification Method

CVE-2024-21654 MEDIUM

rubygems.org < 2024-01-08 - Unauthenticated Account Takeover via Forgotten Password MFA Bypass

CVE-2024-21306 MEDIUM

Windows 10/11, Server 2022 Spoofing via Bluetooth Driver

CVE-2023-54352 CRITICAL

WP Travel Kit Travelscape - WordPress Seotheme Remote Code Execution Unauthenticated

CVE-2023-54350 HIGH

WordPress Augmented-Reality Plugin Remote Code Execution Unauthenticated

CVE-2023-54344 CRITICAL

Eclipse Equinox OSGi 3.7.2 Remote Code Execution via Console

CVE-2023-54342 CRITICAL

Eclipse Equinox OSGi 3.8-3.18 Console Remote Code Execution

CVE-2023-54335 CRITICAL

eXtplorer < 2.1.14 - Unauthenticated Authentication Bypass and Remote Code Execution

CVE-2023-53974 HIGH

D-Link DSL-124 ME_1.00 - Info Disclosure

CVE-2023-53970 HIGH

Screen SFT DAB 600/C Firmware 1.9.3 - Auth Bypass

CVE-2023-53969 HIGH

Screen SFT DAB 600/C firmware <1.9.3 - Auth Bypass

CVE-2023-53968 CRITICAL

Screen SFT DAB 600/C Firmware 1.9.3 - Auth Bypass

CVE-2023-53967 HIGH

Screen SFT DAB 600/C 1.9.3 - Auth Bypass

CVE-2023-53964 CRITICAL

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - RCE

CVE-2023-47232 MEDIUM

MojofyWP WP Affiliate Disclosure <1.2.6 - Info Disclosure

CVE-2023-53896 HIGH

D-Link DAP-1325 1.01 - Info Disclosure

CVE-2023-53774 CRITICAL

MiniDVBLinux < 5.4 - Unauthenticated Remote Code Execution via SVDRP Protocol

CVE-2023-53773 MEDIUM

MiniDVBLinux < 5.4 - Unauthenticated Live Stream Snapshot Generation via tv_action.sh

Previous Page 47 of 98 Next

Details

Vulnerabilities 2,430

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy