Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-306

CWE-306

High likelihood

Missing Authentication for Critical Function

Parent: CWE-287 - Improper Authentication

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

2,453 vulnerabilities with CWE-306

CVE-2018-25259 HIGH

Terminal Services Manager 3.1 Buffer Overflow SEH

CVE-2018-25246 HIGH

Wikipedia 12.0 Denial of Service via Search

CVE-2018-25241 HIGH

VPN Browser+ 1.1.0.0 Denial of Service

CVE-2018-25225 HIGH

SIPP 3.3 Stack-Based Buffer Overflow via Configuration File

CVE-2018-25224 HIGH

PMS 0.42 Stack-Based Buffer Overflow via Configuration File

CVE-2018-25141 HIGH

FLIR thermal traffic cameras - Info Disclosure

CVE-2018-25140 HIGH

FLIR thermal traffic cameras - SSRF

CVE-2018-25139 HIGH

FLIR AX8 Thermal Camera <1.32.16 - Info Disclosure

CVE-2018-25137 HIGH

FLIR Brickstream 3D+ <2.1.742.1842 - Info Disclosure

CVE-2018-25136 HIGH

FLIR Brickstream 3D+ <2.1.742.1842 - Info Disclosure

CVE-2018-25134 CRITICAL

Synaccess netBooter NP-02x/NP-08x 6.8 - Auth Bypass

CVE-2018-11764 HIGH

Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, 3.0.0 - Authenticated User Impersonation via Broken Web Endpoint Authentication

CVE-2018-1501 HIGH

IBM Security Guardium 10.5, 10.6, and 11.0 - Unauthenticated Sensitive Information Exposure

CVE-2018-21132 CRITICAL

NETGEAR WAC505 and WAC510 Firmware < 5.0.0.17 - Unauthenticated Authentication Bypass

CVE-2018-21041 HIGH

Samsung Android O(8.x) - Unauthenticated Access to Secure Folder Gallery

CVE-2018-20507 MEDIUM

GitLab 11.2.0-11.4.12, 11.5.0-11.5.5, 11.6.0 - Unauthenticated Incorrect Access Control

CVE-2018-20220 HIGH

Teracue ENC-400 <2.56 - Info Disclosure

CVE-2018-19636 HIGH

Supportutils <3.1-5.7.1 - Code Injection

CVE-2018-15466 MEDIUM

Cisco Policy Suite for Mobile - Unauthenticated Improper Access Control in Graphite Web Interface

CVE-2018-0181 HIGH

Cisco Policy Suite for Mobile and Diameter Routing Agent - Unauthenticated Redis Key-Value Pair Modification

CVE-2018-18995 CRITICAL

ABB GATE-E1 and GATE-E2 Firmware - Missing Authentication for Critical Function

CVE-2018-18264 HIGH

Kubernetes Dashboard < 1.10.1 - Unauthenticated Secret Access via Service Account Bypass

CVE-2018-19248 CRITICAL

Epson WorkForce WF-2861 Firmware - Unauthenticated Firmware Upload and Reset via /DOWN/FIRMWAREUPDATE/ROM1

CVE-2018-17924 HIGH

Rockwell MicroLogix 1400/1756 ControlLogix - Unauthenticated IP Overwrite via CIP

CVE-2018-17906 HIGH

Philips iSite & IntelliSpace PACS - Info Disclosure

Previous Page 93 of 99 Next

Details

Vulnerabilities 2,453

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy