Fallos del tipo CWE-287
1843 resultadosCVE-2025-5906MEDIUMcode-projects Laundry System data missing authenticationEPSS 0.5%CVE-2024-36444HIGHcgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an unauthenticated attacker to gain access to device logs.EPSS 0.5%CVE-2021-32738MEDIUMUtils.readChallengeTx does not verify the server account signatureEPSS 0.5%CVE-2024-56336CRITICALA vulnerability has been identified in SINAMICS S200 (All versions with serial number beginning with SZVS8, SZVS9, SZVS0 or SZVSN and the FSEPSS 0.5%CVE-2024-11671MEDIUMImproper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an aEPSS 0.5%CVE-2024-41929HIGHImproper authentication vulnerability in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authentEPSS 0.5%CVE-2025-64055CRITICALAn issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functionsEPSS 0.5%CVE-2025-27414MEDIUMMinIO SFTP authentication bypass due to improperly trusted SSH keyEPSS 0.5%CVE-2025-15457MEDIUMbg5sbk MiniCMS Trash File Restore post.php improper authenticationEPSS 0.5%CVE-2025-9994CRITICALAmp’ed RF BT-AP 111 Bluetooth access point's HTTP admin interface does not require authenticationEPSS 0.5%CVE-2025-15458MEDIUMbg5sbk MiniCMS Article post-edit.php improper authenticationEPSS 0.5%CVE-2022-3674HIGHSourceCodester Sanitization Management System missing authenticationEPSS 0.5%CVE-2023-32081MEDIUMVert.x STOMP server process client frames that would not send initially a connect frameEPSS 0.5%CVE-2024-57432HIGHmacrozheng mall-tiny 1.0.1 suffers from Insecure Permissions. The application's JWT signing keys are hardcoded and do not change. User inforEPSS 0.5%CVE-2022-26508MEDIUMImproper authentication in the Intel(R) SDP Tool before version 3.0.0 may allow an unauthenticated user to potentially enable information diEPSS 0.5%CVE-2026-5959HIGHGL.iNet GL-RM1/GL-RM10/GL-RM10RC/GL-RM1PE Factory Reset improper authenticationEPSS 0.5%CVE-2026-12795MEDIUMBerriAI litellm SSO Debug Flow ui_sso.py json.dumps missing authenticationEPSS 0.5%CVE-2026-46859CRITICALVulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Security). The supported version that is affected is 9.3.EPSS 0.5%CVE-2025-30116HIGHAn issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Live Video Stream can oEPSS 0.5%CVE-2026-3224CRITICALAuthentication bypass in the Microsoft Entra ID (Azure AD) authentication mode in Devolutions Server 2025.3.15.0 and earlier allows an unautEPSS 0.5%