Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,438 vulnerabilities with CWE-306

CVE-2022-26303 HIGH

Open Automation Software OAS Platform <16.00.0112 - Info Disclosure

CVE-2022-26082 CRITICAL

Open Automation Software OAS Platform <16.00.0112 - RCE

CVE-2022-26067 MEDIUM

Open Automation Software OAS Platform <16.00.0112 - Info Disclosure

CVE-2022-26043 HIGH

Open Automation Software OAS Platform <16.00.0112 - Info Disclosure

CVE-2022-26026 HIGH

Open Automation Software OAS Platform <16.00.0112 - DoS

CVE-2022-29402 MEDIUM

TP-Link TL-WR840N EU <6.20 - Privilege Escalation

CVE-2022-22309 MEDIUM

POWER systems FSP - Unauthenticated Login

CVE-2022-28660 CRITICAL

Grafana Enterprise Logs <1.4.0 - Info Disclosure

CVE-2022-29883 MEDIUM

Siemens 7kg8500-0aa00-0aa0 Firmware < 3.00 - Missing Authentication

CVE-2022-29881 MEDIUM

Siemens 7kg8500-0aa00-0aa0 Firmware < 3.00 - Missing Authentication

CVE-2022-29879 MEDIUM

Siemens 7kg8500-0aa00-0aa0 Firmware < 3.00 - Missing Authentication

CVE-2022-29877 MEDIUM

Siemens 7kg8500-0aa00-0aa0 Firmware < 3.00 - Missing Authentication

CVE-2022-26925 HIGH KEV

Windows - Unauthenticated Remote Code Execution via LSA Spoofing

CVE-2022-0424 MEDIUM

The Popup by Supsystic WordPress <1.10.9 - Info Disclosure

CVE-2022-27495 MEDIUM

F5 NGINX Service Mesh 1.3.x - Missing Authentication for Critical Function

CVE-2022-1388 CRITICAL KEV

F5 BIG-IP iControl RCE via REST Authentication Bypass

CVE-2022-1300 CRITICAL

TRUMPF TruTops Boost 13.01-13.05 and TruTops Fab/Monitor 22.01-22.05 - Unauthenticated Critical Function Access

CVE-2022-29934 HIGH

USU Oracle Optimization < 5.17.5 - Unauthenticated Privilege Escalation via pkexec

CVE-2022-24935 HIGH

Lexmark Firmware < 2022-02-10 - Unauthenticated Incorrect Access Control

CVE-2022-28719 CRITICAL

AssetView < 13.2.0 - Unauthenticated Arbitrary Code Execution via Crafted Configuration File Upload

CVE-2022-27332 CRITICAL

Zammad < 5.1.0 - Unauthenticated CTI Caller Log Entry Injection

CVE-2022-0993 HIGH

SiteGround Security < 1.2.5 - Unauthenticated Authentication Bypass via 2FA Backup Code

CVE-2022-0992 CRITICAL

SiteGround Security Optimizer <= 1.2.5 - Unauthenticated Authentication Bypass via 2FA Setup

CVE-2022-0878 MEDIUM

Combined Charging System Firmware < 2.0 - Unauthenticated Denial of Service via Electromagnetic Interference

CVE-2022-0140 MEDIUM

Visual Form Builder <3.0.6 - Info Disclosure

Previous Page 64 of 98 Next

Details

Vulnerabilities 2,438

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy