Vulnerabilities of type CWE-287

1843 results
CVE-2022-36093 [HIGH] XWiki Platform Web Templates vulnerable to Unauthorized User Registration Through the Distribution Wizard (EPSS 0.7%)
CVE-2020-7293 [CRITICAL] Web Gateway (MWG) - Privilege Escalation vulnerability (EPSS 0.7%)
CVE-2018-0163 A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent at (EPSS 0.7%)
CVE-2022-23554 [MEDIUM] Authentication bypass in Alpine (EPSS 0.7%)
CVE-2023-30845 [HIGH] ESPv2 vulnerable to JWT authentication bypass via `X-HTTP-Method-Override` header (EPSS 0.7%)
CVE-2022-42951 [HIGH] An issue was discovered in Couchbase Server 6.5.x and 6.6.x before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2. During the start-up of a (EPSS 0.7%)
CVE-2022-0910 [MEDIUM] A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware (EPSS 0.7%)
CVE-2023-51472 [CRITICAL] WordPress Checkout Mestres WP plugin <= 7.1.9.7 - Unauthenticated Account Takeover vulnerability (EPSS 0.7%)
CVE-2025-5512 [MEDIUM] quequnlong shiyi-blog Administrator Backend verifyPassword improper authentication (EPSS 0.7%)
CVE-2023-4373 [CRITICAL] Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 an (EPSS 0.7%)
CVE-2025-46548 [MEDIUM] Apache Pekko Management, Apache Pekko Management, Apache Pekko Management, Akka Management, Akka Management, Akka Management: management API basic authentication is not effective (EPSS 0.7%)
CVE-2026-0953 [CRITICAL] Tutor LMS Pro <= 3.9.5 - Authentication Bypass via Social Login (EPSS 0.7%)
CVE-2023-51405 [HIGH] WordPress BookingPress plugin <= 1.0.74 - Booking Price Manipulation vulnerability (EPSS 0.7%)
CVE-2023-51482 [CRITICAL] WordPress Eazy Plugin Manager plugin <= 4.1.2 - Auth. Arbitrary Options Update lead to RCE vulnerability (EPSS 0.7%)
CVE-2023-46249 [CRITICAL] authentik potential installation takeover when default admin user is deleted (EPSS 0.7%)
CVE-2026-3794 [MEDIUM] doramart DoraCMS Email API send improper authentication (EPSS 0.7%)
CVE-2022-2533 [MEDIUM] An issue has been discovered in GitLab affecting all versions starting from 12.10 before 15.1.6, all versions starting from 15.2 before 15.2 (EPSS 0.7%)
CVE-2023-3622 [MEDIUM] Access Control Bypass Vulnerability in the SolarWinds Platform (EPSS 0.7%)
CVE-2021-26074 [MEDIUM] Broken Authentication in Atlassian Connect Spring Boot (ACSB) from version 1.1.0 before version 2.1.3: Atlassian Connect Spring Boot is a Ja (EPSS 0.7%)
CVE-2022-47408 [CRITICAL] An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 t (EPSS 0.7%)