Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,436 vulnerabilities with CWE-306

CVE-2023-40585 HIGH

Ironic-image <capm3-v1.4.3 - Info Disclosure

CVE-2023-38422 HIGH

Walchem Intuition <4.21 - Info Disclosure

CVE-2023-36847 MEDIUM KEV

Juniper Networks Junos OS - Path Traversal

CVE-2023-36846 MEDIUM KEV

Juniper Junos OS on SRX Series < 22.4R3 - Unauthenticated Arbitrary File Upload via J-Web

CVE-2023-4335 HIGH

Broadcom RAID Controller Web - Info Disclosure

CVE-2023-4334 HIGH

Broadcom RAID Controller Web server - Info Disclosure

CVE-2023-39380 HIGH

Huawei EMUI and HarmonyOS - Improper Authentication in Audio Module

CVE-2023-38186 HIGH

Windows Mobile Device Management - Privilege Escalation

CVE-2023-37373 MEDIUM

RUGGEDCOM CROSSBOW < 5.4 - Unauthenticated Arbitrary File Write

CVE-2023-39436 MEDIUM

SAP Supplier Relationship Management 600-606, 616-617 - Unauthenticated Information Disclosure

CVE-2023-37483 CRITICAL

SAP PowerDesigner 16.7 - Unauthenticated Arbitrary Database Query Execution via Proxy

CVE-2023-36926 LOW

SAP Host Agent <7.22 - Info Disclosure

CVE-2023-38523 MEDIUM

Samsung Harman AMX N-Series - Info Disclosure

CVE-2023-22047 HIGH

Oracle PeopleSoft Enterprise PeopleTools 8.59/8.60 - Unauthenticated Critical Function Access

CVE-2023-36669 CRITICAL

Kratos NGC Indoor Unit Firmware < 11.4 - Unauthenticated Remote Control via TPU Impersonation

CVE-2023-34329 CRITICAL

AMI MegaRAC SP-X - Authentication Bypass via HTTP Header Spoofing

CVE-2023-37265 CRITICAL

CasaOS < 0.4.4 - Unauthenticated Remote Code Execution via IP Address Verification Bypass

CVE-2023-38379 HIGH

RIGOL MSO5000 <00.01.03.00.03 - Auth Bypass

CVE-2023-35874 MEDIUM

SAP NetWeaver Application Server ABAP and ABAP Platform - Missing Authentication for Critical Function

CVE-2023-35873 MEDIUM

SAP NetWeaver Process Integration SAP_XITOOL 7.50 - Unauthenticated Missing Authentication for Critical Function

CVE-2023-35872 MEDIUM

SAP NetWeaver Process Integration SAP_XIAF 7.50 - Unauthenticated Missing Authentication for Critical Function

CVE-2023-30643 HIGH

Samsung Android Galaxy Themes Service - Unauthenticated Arbitrary Application Deletion

CVE-2023-22906 HIGH

Hero Qubo HCD01 and HCD02 Firmware - Unauthenticated Root Access via TELNET

CVE-2023-36347 HIGH

POS Codekop 2.0 - Unauthenticated Sensitive Data Exposure via excel.php Endpoint

CVE-2023-2834 CRITICAL

BookIt WordPress <2.3.7 - Auth Bypass

Previous Page 53 of 98 Next

Details

Vulnerabilities 2,436

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy