Fallos del tipo CWE-287

1839 resultados
CVE-2021-44056HIGHImproper authentication in Video StationEPSS 0.8%CVE-2021-44057HIGHImproper authentication in Photo StationEPSS 0.8%CVE-2025-43995CRITICALDell Storage Center - Dell Storage Manager, version(s) 20.1.21, contain(s) an Improper Authentication vulnerability. An unauthenticated attaEPSS 0.8%CVE-2022-39229MEDIUMGrafana users with email as a username can block other users from signing inEPSS 0.8%CVE-2022-36092HIGHXWiki Platform Old Core vulnerable to Authentication Bypass Using the Login ActionEPSS 0.8%CVE-2023-6847HIGHImproper Authentication in GitHub Enterprise Server leading to Authentication Bypass for Public Repository DataEPSS 0.8%CVE-2024-7923CRITICALPuppet-pulpcore: an authentication bypass vulnerability exists in pulpcoreEPSS 0.8%CVE-2018-14637MEDIUMThe SAML broker consumer endpoint in Keycloak before version 4.6.0.Final ignores expiration conditions on SAML assertions. An attacker can eEPSS 0.8%CVE-2022-36073HIGHRubyGems allows creation of users with arbitrary unverified emailsEPSS 0.8%CVE-2021-43833HIGHAccount takeover in eLabFTWEPSS 0.8%CVE-2025-3621CRITICALRemote Code Execution in ProTNS ActADUREPSS 0.8%CVE-2021-38688HIGHImproper Authentication in QfileEPSS 0.8%CVE-2018-16465Missing state in Nextcloud Server prior to 14.0.0 would not enforce the use of a second factor at login if the the provider of the second faEPSS 0.8%CVE-2026-41574CRITICALNhost Vulnerable to Account Takeover via OAuth Email Verification BypassEPSS 0.8%CVE-2019-5426In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated user can use the "local port forwarding" and "dynamic port forwardingEPSS 0.8%CVE-2017-7557dnsdist version 1.1.0 is vulnerable to a flaw in authentication mechanism for REST API potentially allowing CSRF attack.EPSS 0.8%CVE-2025-44083CRITICALAn issue in D-Link DI-8100 16.07.26A1 allows a remote attacker to bypass administrator login authenticationEPSS 0.8%CVE-2025-5495MEDIUMNetgear WNR614 URL improper authenticationEPSS 0.8%CVE-2021-41309MEDIUMAffected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira Service Management access revoked to export aEPSS 0.8%CVE-2022-31083HIGHAuthentication bypass in Parse Server Apple Game Center auth adapter EPSS 0.8%