Weaknesses of type CWE-287
1,848 resultsCVE-2020-7276MEDIUMUnrestricted Policy Management using MfeUpgradeTool.exeEPSS 0.3%CVE-2023-21467MEDIUMError in 3GPP specification implementation in Exynos baseband prior to SMR Apr-2023 Release 1 allows incorrect handling of unencrypted messaEPSS 0.3%CVE-2026-34727HIGHVikunja ahs a TOTP Two-Factor Authentication Bypass via OIDC Login PathEPSS 0.3%CVE-2025-55340HIGHWindows Remote Desktop Protocol Security Feature BypassEPSS 0.3%CVE-2024-40648MEDIUM`UserIdentity::is_verified` not checking verification status of own user identity while performing the check in matrix-rust-sdkEPSS 0.3%CVE-2025-24949MEDIUMIn JotUrl 2.0, is possible to bypass security requirements during the password change process.EPSS 0.3%CVE-2025-7703LOWAuthentication vulnerability in the mobile application(tech.palm.id)may lead to the risk of information leakage.EPSS 0.3%CVE-2025-22232MEDIUMSpring Cloud Config Server May Not Use Vault Token Sent By ClientsEPSS 0.3%CVE-2023-28647MEDIUMApp pin of the iOS app can be bypassed in Nextcloud iOSEPSS 0.3%CVE-2026-7664CRITICALUnauthenticated Flow Execution via Webhook Endpoint in Langflow OSSEPSS 0.3%CVE-2023-52111HIGHAuthorization vulnerability in the BootLoader module. Successful exploitation of this vulnerability may affect service integrity.EPSS 0.3%CVE-2024-56445MEDIUMInstruction authentication bypass vulnerability in the Findnetwork module
Impact: Successful exploitation of this vulnerability may cause feEPSS 0.3%CVE-2026-2756LOWOmniPEMF NeoRhythm BLE missing authenticationEPSS 0.3%CVE-2024-37408HIGHfprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be authorized by "auth sufficient pam_fprintdEPSS 0.3%CVE-2026-28787HIGHOneUptime has WebAuthn 2FA bypass: server accepts client-supplied challenge instead of server-stored value, allowing credential replayEPSS 0.3%CVE-2023-40282MEDIUMImproper authentication vulnerability in Rakuten WiFi Pocket all versions allows a network-adjacent attacker to log in to the product's ManaEPSS 0.3%CVE-2025-31228MEDIUMThe issue was addressed with improved authentication. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. An attacker with physiEPSS 0.3%CVE-2024-7487MEDIUMImproper Authentication in WSO2 Identity Server 7.0.0 Allows Bypass of App-Native AuthenticationEPSS 0.3%CVE-2025-15346CRITICALwolfSSL Python library `CERT_REQUIRED` mode fails to enforce client certificate requirementEPSS 0.3%CVE-2026-35261MEDIUMVulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Supported versions that EPSS 0.3%