Fallos del tipo CWE-287

1844 resultados
CVE-2026-6635MEDIUMrowboatlabs rowboat tools_webhook app.py tool_call improper authenticationEPSS 0.5%CVE-2024-1609HIGHOPPO Store APP has a WebView component privilege escalation vulnerability.EPSS 0.5%CVE-2023-37268MEDIUMUser login confusion with SSO in warpgateEPSS 0.5%CVE-2025-6172CRITICALPermission vulnerability in the mobile application (com.afmobi.boomplayer) may lead to the risk of unauthorized operation.EPSS 0.5%CVE-2022-34331MEDIUMIBM Power FW security bypassEPSS 0.5%CVE-2019-18246BIOTRONIK CardioMessenger II, The affected products do not properly enforce mutual authentication with the BIOTRONIK Remote Communication inEPSS 0.5%CVE-2020-7295LOWWeb Gateway (MWG) - Privilege Escalation vulnerabilityEPSS 0.5%CVE-2019-18252BIOTRONIK CardioMessenger II, The affected products allow credential reuse for multiple authentication purposes. An attacker with adjacent aEPSS 0.5%CVE-2025-3222CRITICALSmallworld SWMFS Improper AuthenticationEPSS 0.5%CVE-2023-23761HIGHImproper authentication vulnerability in GitHub Enterprise Server leading to modification of secret gistsEPSS 0.5%CVE-2025-49146HIGHpgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require ConfigurationEPSS 0.5%CVE-2021-25910HIGHZIV AUTOMATION 4CCT vulnerable to improper authenticationEPSS 0.5%CVE-2026-6274CRITICALAuthentication Bypass in DTS Electronics' Redline WR3200EPSS 0.5%CVE-2026-5722CRITICALMoreConvert Pro <= 1.9.14 - Authentication Bypass via Waitlist Guest Verification Token ReuseEPSS 0.5%CVE-2025-57434HIGHCreacast Creabox Manager contains a critical authentication flaw that allows an attacker to bypass login validation. The system grants accesEPSS 0.5%CVE-2025-2388MEDIUMKeytop 路内停车收费系统 API getParks improper authenticationEPSS 0.5%CVE-2026-7714MEDIUMcrocodilestick Calibre-Web-Automated Admin Endpoint cwa_functions.py missing authenticationEPSS 0.5%CVE-2024-14034CRITICALHirschmann HiEOS Authentication Bypass via HTTP Management ModuleEPSS 0.5%CVE-2026-33409HIGHParse Server: Auth provider validation bypass on login via partial authDataEPSS 0.5%CVE-2026-28215CRITICALhoppscotch Vulnerable to Unauthenticated Onboarding Config TakeoverEPSS 0.5%