Fallos del tipo CWE-287

1845 resultados
CVE-2020-7296MEDIUMWeb Gateway (MWG) - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2021-44458HIGHLack of websocket authentication in Lens causes remote code execution when visiting a malicious websiteEPSS 0.4%CVE-2026-21508HIGHWindows Storage Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2025-41064CRITICALIncorrect authentication in GTT´s group OpenSIACEPSS 0.4%CVE-2021-41503HIGHDCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. The use of the basic authentication for the devices coEPSS 0.4%CVE-2024-11087HIGHminiOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) Pro Addon <= 200.3.9 - Authentication BypassEPSS 0.4%CVE-2025-5247MEDIUMGowabby HFish url.go LoadUrl improper authenticationEPSS 0.4%CVE-2023-28540CRITICALImproper Authentication in Data ModemEPSS 0.4%CVE-2026-0558HIGHUnauthenticated File Upload in parisneo/lollmsEPSS 0.4%CVE-2026-4959MEDIUMOpenBMB XAgent ShareServer WebSocket Endpoint share.py check_user missing authenticationEPSS 0.4%CVE-2022-46829HIGHIn JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented.EPSS 0.4%CVE-2025-37106HIGHAn authentication bypass and disclosure of information vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.EPSS 0.4%CVE-2024-13804CRITICALUnauthenticated RCE in HPE Insight Cluster Management UtilityEPSS 0.4%CVE-2022-39231LOWParse Server subject to Improper Authentication allowing Auth adapter app ID validation to be circumventedEPSS 0.4%CVE-2026-30949HIGHParse Server is missing audience validation in Keycloak authentication adapterEPSS 0.4%CVE-2025-3062MEDIUMDrupal Admin LTE theme - Critical - Unsupported - SA-CONTRIB-2025-010EPSS 0.4%CVE-2025-3061MEDIUMMaterial Admin - Critical - Unsupported - SA-CONTRIB-2025-006EPSS 0.4%CVE-2025-64175HIGHGogs Vulnerable to 2FA Bypass via Recovery CodeEPSS 0.4%CVE-2025-56333CRITICALAn issue in Fossorial fosrl/pangolin v.1.6.2 and before allows a remote attacker to escalate privileges via the 2FA componentEPSS 0.4%CVE-2026-33432HIGHRoxy-WI has Pre-Authentication LDAP Injection that Leads to Authentication BypassEPSS 0.4%