Weaknesses of type CWE-287
1,841 resultsCVE-2021-0193HIGHImproper authentication in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enabEPSS 0.9%CVE-2023-5970—Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external dEPSS 0.9%CVE-2024-39340HIGHThe authentication system of Securepoint UTM mishandles OTP keys. This allows the bypassing of second-factor verification (when OTP is enablEPSS 0.9%CVE-2020-16239MEDIUMPhilips SureSigns VS4 Improper AuthenticationEPSS 0.9%CVE-2021-3632—A flaw was found in Keycloak. This vulnerability allows anyone to register a new security device or key when there is not a device already rEPSS 0.9%CVE-2026-32173HIGHAzure SRE Agent Information Disclosure VulnerabilityEPSS 0.9%CVE-2022-2553—The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a resulEPSS 0.9%CVE-2024-21632HIGHomniauth-microsoft_graph vulnerable to account takeover (nOAuth)EPSS 0.9%CVE-2021-28495HIGHIn Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, user authenticatEPSS 0.9%CVE-2024-7395CRITICALInsufficient AuthenticationEPSS 0.9%CVE-2021-26073HIGHBroken Authentication in Atlassian Connect Express (ACE) from version 3.0.2 before version 6.6.0: Atlassian Connect Express is a Node.js pacEPSS 0.9%CVE-2021-29487HIGHAuthentication bypass in OctobercmsEPSS 0.9%CVE-2022-39387CRITICALXWiki OIDC Authenticator vulnerable to OpenID login bypass due to improper authentication EPSS 0.9%CVE-2024-5732MEDIUMClash Proxy Port improper authenticationEPSS 0.9%CVE-2018-16464—A missing access check in Nextcloud Server prior to 14.0.0 could lead to continued access to password protected link shares when the owner hEPSS 0.9%CVE-2023-43809HIGHSoft Serve Public Key Authentication Bypass Vulnerability when Keyboard-Interactive SSH Authentication is EnabledEPSS 0.9%CVE-2021-32951MEDIUMAdvantech WebAccess/NMS Improper AuthenticationEPSS 0.9%CVE-2022-23769HIGHSecuever reverseWall-MDS Remote Code Execution VulnerabilityEPSS 0.9%CVE-2022-36960HIGHSolarWinds Platform Improper Input ValidationEPSS 0.9%CVE-2022-23600MEDIUMLimited ability to spoof SAML authentication with missing audience verificationEPSS 0.9%