Weaknesses of type CWE-287
1,843 resultsCVE-2024-2873CRITICALUser authentication bypass in wolfSSH serverEPSS 0.6%CVE-2022-39246HIGHmatrix-android-sdk2 vulnerable to impersonation via forwarded Megolm sessionsEPSS 0.6%CVE-2025-7897MEDIUMharry0703 MoneyPrinterTurbo API Endpoint base.py verify_token missing authenticationEPSS 0.6%CVE-2025-26685MEDIUMMicrosoft Defender for Identity Spoofing VulnerabilityEPSS 0.6%CVE-2023-1065MEDIUMThis vulnerability in the Snyk Kubernetes Monitor can result in irrelevant data being posted to a Snyk Organization, which could in turn obfEPSS 0.6%CVE-2024-22442CRITICALThe vulnerability could be remotely exploited to bypass authentication.EPSS 0.6%CVE-2022-39264HIGHnheko vulnerable to secret poisoning using MITM on secret requests by the homeserverEPSS 0.6%CVE-2025-32877CRITICALAn issue was discovered on COROS PACE 3 devices through 3.0808.0. It identifies itself as a device without input or output capabilities, whiEPSS 0.6%CVE-2024-7763CRITICALWhatsUp Gold getReport Missing Authentication Authentication Bypass VulnerabilityEPSS 0.6%CVE-2020-8350HIGHAn authentication bypass vulnerability was reported in Lenovo ThinkPad Stack Wireless Router firmware version 1.1.3.4 that could allow escalEPSS 0.6%CVE-2023-4501CRITICALAuthentication bypass in OpenText (Micro Focus) Enterprise ServerEPSS 0.6%CVE-2022-46400MEDIUMThe Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) allows attackers to bypass passkey enEPSS 0.6%CVE-2023-1477HIGHImproper Authentication vulnerability in HYPR Keycloak Authenticator Extension allows Authentication Abuse.This issue affects HYPR Keycloak EPSS 0.6%CVE-2025-52572CRITICALHikka vulnerable to RCE through dangling web interfaceEPSS 0.6%CVE-2022-1349—WPQA < 5.2 - Subscriber+ Arbitrary Profile Picture Deletion via IDOREPSS 0.6%CVE-2022-4441HIGHPrivilege Escalation Vulnerability in Hitachi Storage Plug-in for VMware vCenterEPSS 0.6%CVE-2023-30967CRITICALGotham Orbital Simulator path traversalEPSS 0.6%CVE-2024-50645CRITICALMallChat v1.0-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this vulnerability to access API without any tokeEPSS 0.6%CVE-2017-20133HIGHItech Job Portal Script admin improper authenticationEPSS 0.6%CVE-2025-47889CRITICALIn Jenkins WSO2 Oauth Plugin 1.0 and earlier, authentication claims are accepted without validation by the "WSO2 Oauth" security realm, alloEPSS 0.6%