Fallos del tipo CWE-287
1844 resultadosCVE-2023-21027HIGHIn multiple functions of PasspointXmlUtils.java, there is a possible authentication misconfiguration due to a logic error in the code. This EPSS 0.5%CVE-2023-5326MEDIUMSATO CL4NX-J Plus WebConfig improper authenticationEPSS 0.5%CVE-2023-5328MEDIUMSATO CL4NX-J Plus Cookie improper authenticationEPSS 0.5%CVE-2023-42662CRITICALJFrog Artifactory Improper SSO Mechanism may lead to Exposure of Access TokensEPSS 0.5%CVE-2025-6533MEDIUMxxyopen/201206030 novel-plus CATCHA LoginController.java ajaxLogin authentication replayEPSS 0.5%CVE-2025-2344MEDIUMIROAD Dash Cam X5/Dash Cam X6 API Endpoint missing authenticationEPSS 0.5%CVE-2025-67158HIGHAn authentication bypass in the /cgi-bin/jvsweb.cgi endpoint of Revotech I6032W-FHW v1.0.0014 - 20210517 allows attackers to access sensitivEPSS 0.5%CVE-2023-39303MEDIUMQTS, QuTS hero, QuTScloudEPSS 0.5%CVE-2026-34500MEDIUMApache Tomcat: OCSP checks sometimes soft-fail with FFM even when soft-fail is disabledEPSS 0.5%CVE-2026-22236CRITICALImproper Authentication Vulnerability in BLUVOYIXEPSS 0.5%CVE-2025-5985MEDIUMcode-projects School Fees Payment System improper authenticationEPSS 0.5%CVE-2025-47275CRITICALBrute Force Authentication Tags of CookieStore Sessions in Auth0-PHP SDKEPSS 0.5%CVE-2022-24885LOWImproper Authentication in Nextcloud Android FilesEPSS 0.5%CVE-2024-1609HIGHOPPO Store APP has a WebView component privilege escalation vulnerability.EPSS 0.5%CVE-2026-6635MEDIUMrowboatlabs rowboat tools_webhook app.py tool_call improper authenticationEPSS 0.5%CVE-2025-32879HIGHAn issue was discovered on COROS PACE 3 devices through 3.0808.0. It starts advertising if no device is connected via Bluetooth. This allowsEPSS 0.5%CVE-2022-40616MEDIUMIBM Maximo Asset Management 7.6.1.1, 7.6.1.2, and 7.6.1.3 could allow a user to bypass authentication and obtain sensitive information or peEPSS 0.5%CVE-2023-37268MEDIUMUser login confusion with SSO in warpgateEPSS 0.5%CVE-2025-6172CRITICALPermission vulnerability in the mobile application (com.afmobi.boomplayer) may lead to the risk of unauthorized operation.EPSS 0.5%CVE-2022-34331MEDIUMIBM Power FW security bypassEPSS 0.5%