Fallos del tipo CWE-287

1843 resultados
CVE-2024-23637MEDIUMOctoPrint Unverified Password Change via Access Control SettingsEPSS 0.5%CVE-2023-41089HIGHImproper Authentication in DEXMA DEXGateEPSS 0.5%CVE-2023-25913HIGHAuthentication Bypass in Danfoss AK-SM800AEPSS 0.5%CVE-2024-34399CRITICAL**UNSUPPORTED WHEN ASSIGNED** An issue was discovered in BMC Remedy Mid Tier 7.6.04. An unauthenticated remote attacker is able to access anEPSS 0.5%CVE-2026-4562MEDIUMMacCMS Timming API Endpoint Timming.php weak authenticationEPSS 0.5%CVE-2024-11293HIGHRegistration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Social Sites Login <= 1.7.9 - Authentication Bypass via WordPress.com OAuth providerEPSS 0.5%CVE-2025-5149MEDIUMWCMS Login getallcon getMemberByUid improper authenticationEPSS 0.5%CVE-2025-49812HIGHApache HTTP Server: mod_ssl TLS upgrade attackEPSS 0.5%CVE-2024-41198CRITICALAn issue in Ocuco Innovation - REPORTS.EXE v2.10.24.13 allows attackers to bypass authentication and escalate privileges to Administrator viEPSS 0.5%CVE-2024-41197CRITICALAn issue in Ocuco Innovation - INVCLIENT.EXE v2.10.24.5 allows attackers to bypass authentication and escalate privileges to Administrator vEPSS 0.5%CVE-2024-41195CRITICALAn issue in Ocuco Innovation - INNOVASERVICEINTF.EXE v2.10.24.17 allows attackers to bypass authentication and escalate privileges to AdminiEPSS 0.5%CVE-2024-38523HIGHHush Line OTP issueEPSS 0.5%CVE-2023-1980MEDIUMTwo factor authentication bypass on login in Devolutions Remote Desktop Manager 2022.3.35 and earlier allow user to cancel the two factorEPSS 0.5%CVE-2022-38982CRITICALThe fingerprint module has service logic errors.Successful exploitation of this vulnerability will cause the phone lock to be cracked.EPSS 0.5%CVE-2026-31387MEDIUMApache OFBiz: Cookie Manipulation Allows Authenticated JWT Forgery and Account ImpersonationEPSS 0.5%CVE-2026-28408CRITICALWeGIA lacks authentication verification in adicionar_tipo_docs_atendido.phpEPSS 0.5%CVE-2025-5906MEDIUMcode-projects Laundry System data missing authenticationEPSS 0.5%CVE-2026-2249CRITICALUnauthenticated Remote Command Execution via Web Console in METIS DFSEPSS 0.5%CVE-2024-9947HIGHProfilePress - Pro <= 4.11.1 - Authentication Bypass via WordPress.com OAuth providerEPSS 0.5%CVE-2026-4187MEDIUMTiandy Easy7 Integrated Management Platform Device Identifier UpdateLocalDevInfo.jsp missing authenticationEPSS 0.5%