Weaknesses of type CWE-287
1,845 resultsCVE-2023-22663MEDIUMImproper authentication for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via netEPSS 0.5%CVE-2025-56752CRITICALA vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote attackers to fully bypass authentication mechanismEPSS 0.5%CVE-2023-46172MEDIUMIBM DS8900F security bypassEPSS 0.5%CVE-2024-0002CRITICALA condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array.EPSS 0.5%CVE-2025-63210CRITICALThe Newtec Celox UHD (models: CELOXA504, CELOXA820) running firmware version celox-21.6.13 is vulnerable to an authentication bypass. An attEPSS 0.5%CVE-2023-39345HIGHUnauthorized Access to Private Fields in User Registration API in strapiEPSS 0.5%CVE-2019-15796MEDIUMpython-apt downloads from untrusted sourcesEPSS 0.5%CVE-2026-10288MEDIUMcode-projects Hotel and Tourism Reservation System Admin Login login.php password_verify improper authenticationEPSS 0.5%CVE-2024-35184MEDIUMpaperless-ngx's remote user auth via header works even when disabling it for APIEPSS 0.5%CVE-2026-42822CRITICALAzure Local Disconnected Operations (ALDO) Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2026-47280CRITICALAzure Resource Manager Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2023-4677HIGHUnauthenticated Admin Account Takeover Via Cron Log File BackupsEPSS 0.5%CVE-2024-41199HIGHAn issue in Ocuco Innovation - JOBMANAGER.EXE v2.10.24.16 allows attackers to bypass authentication and escalate privileges to AdministratorEPSS 0.5%CVE-2022-46316CRITICALA thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data integritEPSS 0.5%CVE-2024-22441CRITICALHPE Cray Parallel Application Launch Service (PALS) is subject to an authentication bypass.EPSS 0.5%CVE-2024-47768MEDIUMLif Authentication Server Has No Auth Check When Updating Password In Account RecoveryEPSS 0.5%CVE-2024-50640CRITICALjeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle functionEPSS 0.5%CVE-2026-3655CRITICALOTP Login With Phone Number, OTP Verification <= 1.8.60 - Unauthenticated Authentication Bypass via Firebase OTP VerificationEPSS 0.5%CVE-2025-4144MEDIUMPKCE bypass via downgrade attackEPSS 0.5%CVE-2026-29093HIGHWWBN AVideo: Unauthenticated PHP session store exposed to host network via published memcached portEPSS 0.5%