Fallos del tipo CWE-287
1838 resultadosCVE-2022-28666MEDIUMWordPress Custom Product Tabs for WooCommerce plugin <= 1.7.7 - Broken Access Control vulnerabilityEPSS 1.2%CVE-2025-53793HIGHAzure Stack Hub Information Disclosure VulnerabilityEPSS 1.2%CVE-2023-24831CRITICALApache IoTDB grafana-connector Login Bypass VulnerabilityEPSS 1.2%CVE-2023-6248CRITICALData leakage and arbitrary remote code execution in Syrus cloud devicesEPSS 1.2%CVE-2023-6483CRITICALImproper Authentication Vulnerability in ADiTaaS EPSS 1.2%CVE-2022-35248—A improper authentication vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 that allowed two factor authentication can be bypasseEPSS 1.2%CVE-2019-6527—PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) may allow an attacker to be able to change the passworEPSS 1.2%CVE-2021-39196HIGHAuthenticated non-privileged user can request unfiltered data without adequate permissions in pcaptureEPSS 1.2%CVE-2026-1368HIGHVideo Conferencing with Zoom API < 4.6.6 - Unauthenticated SDK Signature GenerationEPSS 1.2%CVE-2023-6907MEDIUMcodelyfe Stupid Simple CMS Deletion Interface delete.php improper authenticationEPSS 1.2%CVE-2021-43444HIGHONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. Signed document download URLs can be forged due to a weak EPSS 1.2%CVE-2021-39215HIGHAuthentication Bypass: Forged Tokens Allow Access to Arbitrary RoomsEPSS 1.2%CVE-2021-22858HIGHChanGate EnterPrise Co., Ltd property management system - Broken AuthenticationEPSS 1.2%CVE-2017-9630—An Improper Authentication issue was discovered in PDQ Manufacturing LaserWash G5 and G5 S Series all versions, LaserWash M5, all versions, EPSS 1.2%CVE-2022-28321CRITICALThe Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn'tEPSS 1.2%CVE-2023-45038MEDIUMMusic StationEPSS 1.2%CVE-2024-49076HIGHWindows Virtualization-Based Security (VBS) Enclave Elevation of Privilege VulnerabilityEPSS 1.2%CVE-2019-18321—A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 ServEPSS 1.2%CVE-2019-18322—A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 ServEPSS 1.2%CVE-2020-15243CRITICALWebApi Authentication attribute missing in SmartstoreEPSS 1.2%