Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,435 vulnerabilities with CWE-306

CVE-2023-22087 HIGH

Oracle Hospitality Applications <5.6 - RCE

CVE-2023-22072 CRITICAL

Oracle WebLogic Server <12.2.1.3.0 - RCE

CVE-2023-22069 CRITICAL

Oracle WebLogic Server <14.1.1.0.0 - RCE

CVE-2023-44116 CRITICAL

HarmonyOS - Missing Authentication for Critical Function in APPWidget Module

CVE-2023-43271 CRITICAL

70mai a500s <1.2.119 - Info Disclosure

CVE-2023-4884 MEDIUM

open5gs < 2.4.10 - Unauthenticated Information Disclosure via HTTP Endpoint

CVE-2023-4506 LOW

WordPress <4.1.10 - Privilege Escalation

CVE-2023-4505 LOW

Staff / Employee Business Directory <1.2.3 - Privilege Escalation

CVE-2023-44152 CRITICAL

Acronis Cyber Protect <35979 - Info Disclosure

CVE-2023-41333 MEDIUM

Cilium < 1.12.14, 1.14.0-1.14.2 - Unauthenticated Policy Bypass via EndpointSelector DoesNotExist Operator

CVE-2023-36851 MEDIUM KEV

Juniper Networks Junos OS - Unauthenticated File Upload/Download

CVE-2023-43644 CRITICAL

Sing-box <1.4.4, <1.5.0-rc.4 - Auth Bypass

CVE-2023-42793 CRITICAL KEV

JetBrains TeamCity < 2023.05.4 - Unauthenticated Remote Code Execution

CVE-2023-4702 CRITICAL

Yepas Digital Yepas < 1.0.1 - Authentication Bypass

CVE-2023-4516 HIGH

Schneider Electric IGSS Update Service - Missing Authentication Code Execution

CVE-2023-41367 MEDIUM

SAP NetWeaver <7.50 - Info Disclosure

CVE-2023-4815 HIGH

GitHub answerdev/answer <1.1.3 - Info Disclosure

CVE-2023-31132 HIGH

Cacti <1.2.25 - Privilege Escalation

CVE-2023-39981 HIGH

MXsecurity < 1.0.1 - Unauthenticated Information Disclosure via Inadequate Authentication

CVE-2023-34392 HIGH

SEL-5037 SEL Grid Configurator < 4.5.0.20 - Unauthenticated Remote Command Execution

CVE-2023-40598 HIGH

Splunk Enterprise <8.2.12, 9.0.6, 9.1.1 - Code Injection

CVE-2023-40170 MEDIUM

jupyter_server < 2.7.2 - Improper Access Control in Files Endpoint

CVE-2023-38030 HIGH

Saho ADM100 and ADM-100FP - Unauthenticated Remote Code Execution via Website URL

CVE-2023-38028 CRITICAL

Saho ADM100 and ADM-100FP - Unauthenticated Information Disclosure and Data Manipulation

CVE-2023-40585 HIGH

Ironic-image <capm3-v1.4.3 - Info Disclosure

Previous Page 52 of 98 Next

Details

Vulnerabilities 2,435

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy