Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/cod…

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versi…

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent…

The previous default setting for Airflow's Experimental API was to allow all API requests witho…

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attac…

Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that all…

SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication …

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Su…

An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated a…

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.…

A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 throug…

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Open…

marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability.…

SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not pe…

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SR…

Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and Support…

Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an …

ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. R…

cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login…

Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded o…

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebS…

SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code ex…

The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business E…

upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows …

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX…

TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative passw…

Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in th…

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authenticati…

NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archiv…

TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same …

A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the s…

The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, do…

Windows LSA Spoofing Vulnerability

Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2).

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SR…

In multiple locations, there is a possible way to launch activities from the background due to …