Fallos del tipo CWE-287

1839 resultados
CVE-2023-31127CRITICALDMTF-2023-0001: SPDM mutual authentication bypassEPSS 0.9%CVE-2021-38686HIGHImproper Authentication Vulnerability in VioStorEPSS 0.9%CVE-2022-39249HIGHMatrix Javascript SDK vulnerable to impersonation via forwarded Megolm sessionsEPSS 0.9%CVE-2020-26236HIGHVerification Code Hijacking in ScratchVerifierEPSS 0.9%CVE-2025-27112MEDIUMNavidrome has authentication bypass in Subsonic API with non-existent usernameEPSS 0.9%CVE-2023-6344MEDIUMTyler Technologies Court Case Management Plus use of Aquaforest TIFF Server te003.aspx and te004.aspx allows authentication bypassEPSS 0.9%CVE-2023-6343MEDIUMTyler Technologies Court Case Management Plus use of Aquaforest TIFF Server tssp.aspx allows authentication bypassEPSS 0.9%CVE-2022-29883MEDIUMA vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not restrict unauthenticated access to certain pagEPSS 0.9%CVE-2022-31686CRITICALVMware Workspace ONE Assist prior to 22.10 contains a Broken Authentication Method vulnerability. A malicious actor with network access to WEPSS 0.9%CVE-2022-39250HIGHMatrix JavaScript SDK vulnerable to key/device identifier confusion in SAS verificationEPSS 0.9%CVE-2023-0311MEDIUMImproper Authentication in thorsten/phpmyfaqEPSS 0.9%CVE-2023-40660MEDIUMOpensc: potential pin bypass when card tracks its own login stateEPSS 0.9%CVE-2025-4268MEDIUMTOTOLINK A720R cstecgi.cgi missing authenticationEPSS 0.9%CVE-2022-1084HIGHSourceCodester One Church Management System Session userregister.php improper authenticationEPSS 0.9%CVE-2021-37172A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (V4.5.0). Affected devices fail to authenticate agEPSS 0.9%CVE-2024-6057CRITICALImproper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and earlier allows an attacker that EPSS 0.9%CVE-2024-12510MEDIUMLDAP Authentication Sever Pass-back attackEPSS 0.9%CVE-2013-10004MEDIUMTelecommunication Software SAMwin Contact Center Suite Password SAMwinLIBVB.dll passwordScramble improper authenticationEPSS 0.9%CVE-2022-30238HIGHA CWE-287: Improper Authentication vulnerability exists that could allow an attacker to take over the admin account when an attacker hijacksEPSS 0.9%CVE-2023-34388MEDIUMImproper authentication could lead to session hijackingEPSS 0.9%