Flaws of type CWE-287

1841 results
CVE-2022-39184 [CRITICAL] EXFO - BV-10 Performance Endpoint Unit Authentication bypass (EPSS 0.8%)
CVE-2022-47508 [HIGH] Disable NTLM: SAM 2022.4 (EPSS 0.8%)
CVE-2022-39289 [CRITICAL] Database log access in ZoneMinder (EPSS 0.8%)
CVE-2022-23541 [MEDIUM] jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC (EPSS 0.8%)
CVE-2021-25445 Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsu (EPSS 0.8%)
CVE-2023-32682 [MEDIUM] Improper checks for deactivated users during login in synapse (EPSS 0.8%)
CVE-2022-23505 [MEDIUM] Passport-wsfed-saml2 vulnerable to Authentication Bypass for WSFed authentication (EPSS 0.8%)
CVE-2021-25490 [MEDIUM] A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged pr (EPSS 0.8%)
CVE-2024-13111 [MEDIUM] Beijing Yunfan Internet Technology Yunfan Learning Examination System JWT Token SysUserControl improper authentication (EPSS 0.8%)
CVE-2020-20402 [HIGH] Westbrookadmin portfolioCMS v1.05 allows attackers to bypass password validation and access sensitive information via session fixation. (EPSS 0.7%)
CVE-2023-37283 [HIGH] Authentication Bypass via HTML Form & Identifier First Adapter (EPSS 0.7%)
CVE-2025-30432 [MEDIUM] A logic issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sonoma 14. (EPSS 0.7%)
CVE-2024-22394 [CRITICAL] An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow (EPSS 0.7%)
CVE-2025-6916 [HIGH] TOTOLINK T6 formLoginAuth.htm Form_Login missing authentication (EPSS 0.7%)
CVE-2021-26253 [HIGH] Bypass of Splunk Enterprise's implementation of DUO MFA (EPSS 0.7%)
CVE-2025-7574 [CRITICAL] LB-LINK BL-WR9000 Web Interface lighttpd.cgi restore improper authentication (EPSS 0.7%)
CVE-2025-48370 [LOW] auth-js Vulnerable to Insecure Path Routing from Malformed User Input (EPSS 0.7%)
CVE-2023-6787 [MEDIUM] Keycloak: session hijacking via re-authentication (EPSS 0.7%)
CVE-2024-10111 [HIGH] OAuth Single Sign On – SSO (OAuth Client) <= 6.26.3 - Authentication Bypass (EPSS 0.7%)
CVE-2024-28012 [CRITICAL] Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, W (EPSS 0.7%)