Fallos del tipo CWE-287
1838 resultadosCVE-2025-32975CRITICALQuest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 EPSS 2.4%KEVCVE-2018-1112HIGHglusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster clientEPSS 2.4%CVE-2020-3361HIGHCisco Webex Meetings and Cisco Webex Meetings Server Token Handling Unauthorized Access VulnerabilityEPSS 2.4%CVE-2020-3125HIGHCisco Adaptive Security Appliance Software Kerberos Authentication Bypass VulnerabilityEPSS 2.4%CVE-2024-37152MEDIUMUnauthenticated Access to sensitive settings in Argo CDEPSS 2.3%CVE-2021-25315CRITICALsalt-api unauthenticated remote code executionEPSS 2.3%CVE-2017-9625—An Improper Authentication issue was discovered in Envitech EnviDAS Ultimate Versions prior to v1.0.0.5. The web application lacks proper auEPSS 2.3%CVE-2020-7533—CWE-287: Improper Authentication vulnerability exists which could cause the execution of
commands on the webserver without authentication whEPSS 2.3%CVE-2019-18314—A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network accessEPSS 2.3%CVE-2021-43786CRITICALAPI token verification can be bypassedEPSS 2.3%CVE-2017-11430HIGHMultiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversalEPSS 2.3%CVE-2017-14000—An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a speciEPSS 2.3%CVE-2021-35029CRITICALAn authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64EPSS 2.3%CVE-2023-28125MEDIUMAn improper authentication vulnerability exists in Avalanche Premise versions 6.3.x and below that could allow an attacker to gain access toEPSS 2.3%CVE-2018-4835—A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with network access to the TeleControl Server Basic's poEPSS 2.2%CVE-2022-40664CRITICALAuthentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcherEPSS 2.2%CVE-2022-41912CRITICALcrewjam/saml go library is vulnerable to signature bypass via multiple Assertion elementsEPSS 2.2%CVE-2022-24883HIGHFreeRDP Server authentication might allow invalid credentials to passEPSS 2.2%CVE-2026-21891CRITICALZimaOS has Authentication Bypass via System-Level UsernameEPSS 2.2%CVE-2017-7934—An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Network Manager using oEPSS 2.1%