Fallos del tipo CWE-287

1838 resultados
CVE-2022-22990HIGHLimited authentication bypass vulnerability on Western Digital My Cloud devicesEPSS 2.1%CVE-2021-20288An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn'EPSS 2.1%CVE-2017-9939A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with network access to EPSS 2.1%CVE-2024-57046HIGHA vulnerability in the Netgear DGN2200 router with firmware version v1.0.0.46 and earlier permits unauthorized individuals to bypass the autEPSS 2.1%CVE-2014-0769Festo CECX-X-(C1/M1) Controller Improper AuthenticationEPSS 2.1%CVE-2017-12196MEDIUMundertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server does not enEPSS 2.0%CVE-2018-0382MEDIUMCisco Wireless LAN Controller Software Session Hijacking VulnerabilityEPSS 2.0%CVE-2022-21618MEDIUMVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that EPSS 2.0%CVE-2017-12316A vulnerability in the Guest Portal login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to peEPSS 2.0%CVE-2019-18284A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available wEPSS 2.0%CVE-2017-7930An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. PI Data Archive has protocEPSS 2.0%CVE-2022-37298CRITICALShinken Solutions Shinken Monitoring Version 2.4.3 affected is vulnerable to Incorrect Access Control. The SafeUnpickler class found in shinEPSS 2.0%CVE-2026-41679CRITICALPaperclip Vulnerable to Unauthenticated Remote Code Execution via Import Authorization BypassEPSS 2.0%CVE-2017-12225A vulnerability in the web functionality of the Cisco Prime LAN Management Solution could allow an authenticated, remote attacker to hijack EPSS 2.0%CVE-2020-27780A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't EPSS 2.0%CVE-2024-23465HIGHSolarWinds Access Rights Manager (ARM) ChangeHumster Exposed Dangerous Method Authentication Bypass VulnerabilityEPSS 1.9%CVE-2022-22576HIGHAn improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connectiEPSS 1.9%CVE-2018-0087A vulnerability in the FTP server of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to log in to theEPSS 1.9%CVE-2024-28992HIGHSolarWinds Access Rights Manager Directory Traversal and Information Disclosure VulnerabilityEPSS 1.9%CVE-2021-38161Not validating origin TLS certificateEPSS 1.9%