Weaknesses of type CWE-290
466 resultsCVE-2022-1745MEDIUM2.2.7 AUTHENTICATION BYPASS BY SPOOFING CWE-290EPSS 0.3%CVE-2020-7327MEDIUMMcAfee MVEDR - Improperly implemented security checkEPSS 0.3%CVE-2024-9391MEDIUMA user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may EPSS 0.3%CVE-2026-56020CRITICALWebmin HTTP header authentication bypassEPSS 0.3%CVE-2026-34025MEDIUMIP restriction bypass in Wertheim SafeController Software allows logins from unauthorized network locationsEPSS 0.3%CVE-2025-46018MEDIUMCSC Pay Mobile App 2.19.4 (fixed in version 2.20.0) contains a vulnerability allowing users to bypass payment authorization by disabling BluEPSS 0.3%CVE-2025-12430HIGHObject lifecycle issue in Media in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofing via a crafted HTML EPSS 0.3%CVE-2023-34158MEDIUMVulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app EPSS 0.3%CVE-2023-34160MEDIUMVulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app EPSS 0.3%CVE-2023-34167MEDIUMVulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app EPSS 0.3%CVE-2026-54308MEDIUMn8n: Missing Token Validation on Microsoft Agent 365 Trigger NodeEPSS 0.3%CVE-2026-46356MEDIUMFleet: IP spoofing allows bypassing API rate limitingEPSS 0.3%CVE-2025-10530MEDIUMSpoofing issue in the WebAuthn component in Firefox for AndroidEPSS 0.3%CVE-2025-36753HIGHSWD Interface Open on Growatt ShineLan-XEPSS 0.3%CVE-2026-24853HIGHCaido has an insufficient patch for DNS rebind leading to RCEEPSS 0.3%CVE-2025-59699MEDIUMEntrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileEPSS 0.3%CVE-2025-69203MEDIUMSignal K Server Vulnerable to Access Request SpoofingEPSS 0.3%CVE-2025-2188HIGHWhitelist bypass Vulnerability in GameCenterEPSS 0.3%CVE-2025-59802HIGHFoxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups (OCG) are supported, the state prEPSS 0.3%CVE-2024-8273HIGHAuthentication Bypass by Spoofing vulnerability in HYPR Server allows Identity Spoofing.This issue affects Server: before 10.1.EPSS 0.3%