Fallos del tipo CWE-287

1838 resultados
CVE-2024-40794MEDIUMThis issue was addressed through improved state management. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6.EPSS 1.2%CVE-2022-46145HIGHauthentik vulnerable to unauthorized user creation and potential account takeoverEPSS 1.2%CVE-2023-52160MEDIUMThe implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be confEPSS 1.2%CVE-2024-6248HIGHWyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution VulnerabilityEPSS 1.2%CVE-2020-15164CRITICALAuthentication Bypass in Scratch Login (mediawiki-scratch-login)EPSS 1.2%CVE-2021-41312HIGHAffected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service ManageEPSS 1.2%CVE-2022-2141CRITICALICSA-22-200-01 MiCODUS MV720 GPS tracker Improper AuthenticationEPSS 1.2%CVE-2023-0773CRITICALUnauthorized Access Control Vulnerability in Uniview IP CameraEPSS 1.2%CVE-2024-23470CRITICALSolarWinds Access Rights Manager (ARM) UserScriptHumster Exposed Dangerous Method Remote Command Execution VulnerabilityEPSS 1.2%CVE-2022-46146MEDIUMPrometheus Exporter Toolkit vulnerable to basic authentication bypassEPSS 1.2%CVE-2025-6763CRITICALComet System H3531 Web-based Management setupA.cfg missing authenticationEPSS 1.2%CVE-2025-49831CRITICALConjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) vulnerable to IAM Authenticator Bypass via Mis-configured Network DeviceEPSS 1.2%CVE-2024-38124CRITICALWindows Netlogon Elevation of Privilege VulnerabilityEPSS 1.2%CVE-2021-22796A CWE-287: Improper Authentication vulnerability exists that could allow remote code execution when a malicious file is uploaded. Affected PEPSS 1.2%CVE-2019-12254CRITICALTECSON/GOK: Improper Authentication and Access Control on multiple devicesEPSS 1.2%CVE-2020-24675CRITICALWeak Authentication in Symphony PlusEPSS 1.2%CVE-2024-51767HIGHAn authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17.EPSS 1.1%CVE-2023-6342MEDIUMTyler Technologies Court Case Management Plus "pay for print" allows authentication bypassEPSS 1.1%CVE-2023-37918MEDIUMAPI token authentication bypass in HTTP endpoints in DaprEPSS 1.1%CVE-2023-1778CRITICALDefault Credential Vulnerability in GajShield Data Security FirewallEPSS 1.1%