Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-306 (关键功能的认证机制缺失) — Vulnerability Class 1097

1097 vulnerabilities classified as CWE-306 (关键功能的认证机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-31218 Missing Authentication for Critical Function in Webhood backend — webhood 9.8 Critical2024-04-05
CVE-2023-6949 DJI Mavic 安全漏洞 — Mini 3 Pro 5.2 Medium2024-04-02
CVE-2023-51571 Voltronic Power ViewPower Pro SocketService Missing Authentication Denial-of-Service Vulnerability — ViewPower Pro 7.5 -2024-04-01
CVE-2024-28179 Jupyter Server Proxy's Websocket Proxying does not require authentication — jupyter-server-proxy 9.1 Critical2024-03-20
CVE-2022-34321 Apache Pulsar: Improper Authentication for Pulsar Proxy Statistics Endpoint — Apache Pulsar 8.2 High2024-03-12
CVE-2024-2076 CodeAstro House Rental Management System tenant.php missing authentication — House Rental Management System 5.3 Medium2024-03-01
CVE-2022-48621 Huawei EMUI 安全漏洞 — HarmonyOS 7.5AIHighAI2024-02-18
CVE-2024-26263 EBM Technologies RISWEB - Improper Access Control — RISWEB 5.3 Medium2024-02-15
CVE-2023-40545 PingFederate OAuth client_secret_jwt Authentication Bypass — PingFederate 8.8 High2024-02-06
CVE-2023-49115 MachineSense FeverWarn Missing Authentication for Critical Function — FeverWarn 7.5 High2024-02-01
CVE-2023-49617 MachineSense FeverWarn Missing Authentication for Critical Function — FeverWarn 10.0 Critical2024-02-01
CVE-2023-6221 MachineSense FeverWarn Missing Authentication for Critical Function — FeverWarn 7.7 High2024-02-01
CVE-2024-22449 Dell PowerScale OneFS 访问控制错误漏洞 — PowerScale OneFS 6.6 Medium2024-02-01
CVE-2023-6942 Mitsubishi Electric 多款产品安全漏洞 — EZSocket 7.5 High2024-01-30
CVE-2024-23618 Arris SURFboard SBG6950AC2 Arbitrary Code Execution Vulnerability — SURFboard SBG6950AC2 9.6 Critical2024-01-25
CVE-2024-21619 Junos OS: SRX Series and EX Series: J-Web - unauthenticated access to temporary files containing sensitive information — Junos OS 5.3 Medium2024-01-25
CVE-2023-5716 ASUS Armoury Crate - Arbitrary File Write — Armoury Crate 9.8 Critical2024-01-19
CVE-2024-22212 Nextcloud global site selector authentication bypass — security-advisories 9.7 Critical2024-01-18
CVE-2023-5253 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 — Guardian 5.3 Medium2024-01-15
CVE-2023-31033 CVE — DGX A100 6.8 Medium2024-01-12
CVE-2023-49255 Router console accessible without authentication — H8951-4G-ESP 9.8 -2024-01-12
CVE-2022-45794 Omron CJ-series and CS-series unauthenticated filesystem access. — CJ-series and CS-series CPU modules 8.6 High2024-01-10
CVE-2024-21306 Microsoft Bluetooth Driver Spoofing Vulnerability — Windows Server 2022 5.7 Medium2024-01-09
CVE-2023-5376 TFTP Without Authentication — JetNet Series 8.6 High2024-01-09
CVE-2023-5881 Unauthenticated access permitted to web interface page "Garage Door Control Module Setup" — Aladdin Connect (Retrofit-Kit) 7.5AIHighAI2024-01-03
CVE-2023-6368 WhatsUp Gold Unauthenticated Access to an API Endpoint — WhatsUp Gold 5.9 Medium2023-12-14
CVE-2023-6595 WhatsUp Gold Unauthenticated Access to an API Endpoint — WhatsUp Gold 7.5 High2023-12-14
CVE-2023-32460 Dell PowerEdge Server BIOS 访问控制错误漏洞 — PowerEdge Platform 8.8 High2023-12-08
CVE-2023-49693 NETGEAR ProSAFE Network Management System RCE via Unprotected Access to Java Debug Wire Protocol — NETGEAR ProSAFE Network Management System 9.8 Critical2023-11-29
CVE-2023-29061 Lack of Adequate BIOS Authentication — FACSChorus 5.2 Medium2023-11-28

Vulnerabilities classified as CWE-306 (关键功能的认证机制缺失) represent 1097 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.