Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
CWE
:
Tytuł
Data
Autor
Low
SAP FRUN Simple Diagnostics Agent 1.0 Missing Authentication
22.06.2022
Yvan Genuer
Med.
SAP Netweaver JAVA 7.50 Missing Authorization
17.06.2021
Ignacio D. Favro
Med.
URVE Software Build 24.03.2020 Authentication Bypass / Remote Code Execution
30.12.2020
Erik Steltzner
Med.
IBM Cognos TM1 / IBM Planning Analytics Server Configuration Overwrite / Code Execution
29.03.2020
Pedro Ribeiro
Med.
Sophos UTM 9.410 loginuser confd Service Privilege Escalation
06.03.2018
KoreLogic
Med.
JD Edwards 9.1 EnterpriseOne Server Denial Of Service
28.08.2016
Fernando Russ and Mati...
Med.
JD Edwards 9.1 EnterpriseOne Server Create Users
28.08.2016
Fernando Russ and Mati...
High
SAP TREX 7.10 Revision 63 Remote Command Execution
22.08.2016
Multiple
Med.
Davolink DV-2051 Missing Access Control
06.08.2016
Eric Flokstra
High
InFocus IN3128HD Projector Missing Authentication
28.04.2015
CORE
High
Allied Telesis AT-RG634A ADSL router unauthenticated webshell
26.03.2014
Sebastian Muniz
High
INSTEON Hub 2242-222 Lack Of Authentication
02.08.2013
David Bryan
Common Weakness Enumeration (CWE)
CVE
Szczegóły
Opis
2024-10-17
CVE-2024-49399
Updating...
The affected product is vulnerable to an attacker being able to use commands without providing a password which may allow an attacker to leak information.
CVE-2024-48920
Updating...
PutongOJ is online judging software. Prior to version 2.1.0-beta.1, unprivileged users can escalate privileges by constructing requests. This can lead to unauthorized access, enabling users to perform admin-level operations, potentially compromising sensitive data and system integrity. This problem has been fixed in v2.1.0.beta.1. As a workaround, one may apply the patch from commit `211dfe9` manually.
2024-10-15
CVE-2024-45274
Updating...
An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication.
CVE-2024-9984
Updating...
Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user's session cookie.
2024-10-11
CVE-2024-8530
Updating...
CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause exposure of private data when an already generated �??logcaptures�?� archive is accessed directly by HTTPS.
2024-10-08
CVE-2024-43488
Updating...
Missing authentication for critical function in Visual Studio Code extension for Arduino allows an unauthenticated attacker to perform remote code execution through network attack vector.
2024-10-03
CVE-2024-41988
Updating...
TEM Opera Plus FM Family Transmitter allows access to an unprotected endpoint that allows MPFS File System binary image upload without authentication. This file system serves as the basis for the HTTP2 web server module but is also used by the SNMP module and is available to other applications that require basic read-only storage capabilities. This can be exploited to overwrite the flash program memory that holds the web server's main interfaces and execute arbitrary code.
2024-10-02
CVE-2024-35294
Updating...
An unauthenticated remote attacker may use the devices traffic capture without authentication to grab plaintext administrative credentials.
CVE-2024-35293
Updating...
An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS.
2024-09-30
CVE-2024-8456
Updating...
Certain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing unauthenticated remote attackers to download and upload firmware and system configurations, ultimately gaining full control of the devices.
Copyright
2024
, cxsecurity.com
Back to Top