Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,436 vulnerabilities with CWE-306

CVE-2023-21837 HIGH

Oracle WebLogic Server <14.1.1.0.0 - RCE

CVE-2023-21743 MEDIUM

Microsoft SharePoint Server - Privilege Escalation

CVE-2022-50981 CRITICAL

Innomic and Avibia VibroLine Devices - Default Password Full Access

CVE-2022-50980 MEDIUM

Innomic VibroLine and AvibiaLine - CAN Preset Switching Denial of Service

CVE-2022-50979 MEDIUM

Innomic VibroLine VLX HD 5.0 - Unauthenticated Configuration Preset Switch via Modbus

CVE-2022-50978 HIGH

Innomic VibroLine VLX1/2/4/6/8 HD 5.0 - Unauthenticated Configuration Preset Switch via Modbus TCP

CVE-2022-50977 HIGH

Innomic VibroLine and AvibiaLine - Unauthenticated Config Preset Switching

CVE-2022-50790 HIGH

SOUND4 IMPACT/FIRST/PULSE/Eco <2 - Info Disclosure

CVE-2022-50595 HIGH

Advantech iView <5.7.04 build 6425 - Auth Bypass, SQL Injection

CVE-2022-50594 HIGH

Advantech iView <5.7.04 build 6425 - Auth Bypass

CVE-2022-50593 CRITICAL

Advantech iView <5.7.04 build 6425 - Auth Bypass, SQL Injection

CVE-2022-50592 HIGH

Advantech iView <5.7.04 build 6425 - Auth Bypass, SQL Injection

CVE-2022-50591 CRITICAL

Advantech iView <5.7.04 build 6425 - Auth Bypass

CVE-2022-4980 CRITICAL

General Bytes Crypto Application Server <20220531.38-20220725.22 - ...

CVE-2022-43110 CRITICAL

Voltronic Power ViewPower <1.04-21353 & PowerShield Netguard <1.04-...

CVE-2022-4978 CRITICAL

Remote Control Server 3.1.1.12 - RCE

CVE-2022-23862 HIGH

Y Soft SAFEQ 6 Build 53 - Privilege Escalation

CVE-2022-25770 HIGH

Mautic < 4.4.13 - Unauthenticated Application Update via Upgrade Script

CVE-2022-32503 HIGH

Nuki Home Solutions <1.9.2-1.8.1 - Privilege Escalation

CVE-2022-38057 MEDIUM

ThemeHunk Advance WP Search <1.2.1 - Info Disclosure

CVE-2022-34321 HIGH

Apache Pulsar 2.6.0-2.10.5, 2.11.0-2.11.2, 3.0.0-3.0.1, 3.1.0 - Info Exposure & DoS via /proxy-stats

CVE-2022-48621 HIGH

Huawei EMUI and HarmonyOS - Missing Authentication for Critical Function in Wi-Fi Module

CVE-2022-45794 HIGH

Omron SYSMAC CJ2H CPU66 Firmware - Unauthenticated File Read and Write via Network Protocol

CVE-2022-43555 HIGH

Ivanti Avalanche Printer Device Service - Privilege Escalation

CVE-2022-43554 HIGH

Ivanti Avalanche Smart Device Service - Privilege Escalation

Previous Page 57 of 98 Next

Details

Vulnerabilities 2,436

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy