Fallos del tipo CWE-287
1841 resultadosCVE-2017-12281—A vulnerability in the implementation of Protected Extensible Authentication Protocol (PEAP) functionality for standalone configurations of EPSS 0.7%CVE-2017-7937—An Improper Authentication issue was discovered in Phoenix Contact GmbH mGuard firmware versions 8.3.0 to 8.4.2. An attacker may be able to EPSS 0.7%CVE-2022-23654HIGHImproper write access check in Requarks/wikiEPSS 0.7%CVE-2025-63216CRITICALThe Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers EPSS 0.7%CVE-2024-12264CRITICALPayU CommercePro Plugin <= 3.8.3 - Unauthenticated Privilege EscalationEPSS 0.7%CVE-2024-4303HIGH ArmorX Android APP - MFA BypassEPSS 0.7%CVE-2025-54888HIGH@fedify/fedify: Improper Authentication and Incorrect AuthorizationEPSS 0.7%CVE-2023-22278MEDIUMm-FILTER prior to Ver.5.70R01 (Ver.5 Series) and m-FILTER prior to Ver.4.87R04 (Ver.4 Series) allows a remote unauthenticated attacker to byEPSS 0.7%CVE-2020-18305HIGHExtreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its Web GUI which fails to restrict URL access, EPSS 0.7%CVE-2023-51484CRITICALWordPress Login as User or Customer plugin <= 3.8 - Unauthenticated Account Takeover vulnerabilityEPSS 0.7%CVE-2026-1203MEDIUMCRMEB JSON Token LoginServices.php remoteRegister improper authenticationEPSS 0.7%CVE-2022-41436CRITICALAn issue in OXHOO TP50 OXH1.50 allows unauthenticated attackers to access the administrative panel via browsing to the URL http://device_ip/EPSS 0.7%CVE-2024-10173MEDIUMdidi DDMQ Console Module improper authenticationEPSS 0.7%CVE-2025-3268MEDIUMqinguoyi TinyWebServer http_conn.cpp improper authenticationEPSS 0.7%CVE-2021-32646MEDIUMEscalation of permissions in roomerEPSS 0.7%CVE-2023-0105MEDIUMA flaw was found in Keycloak. This flaw allows impersonation and lockout due to the email trust not being handled correctly in Keycloak. An EPSS 0.7%CVE-2023-41956HIGHWordPress Simple Membership plugin <= 4.3.4 - Authenticated Account Takeover vulnerabilityEPSS 0.7%CVE-2024-2112MEDIUMForm Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder <= 1.15.22 - Sensitive Information ExposureEPSS 0.7%CVE-2023-7079MEDIUMArbitrary remote file read in Wrangler dev serverEPSS 0.7%CVE-2024-25699HIGHPortal for ArcGIS has an invalid authentication vulnerabilityEPSS 0.7%