CWE-287 vulnerabilities

1847 results
CVE-2025-24292 | MEDIUM | A misconfigured query in UniFi Network (v9.1.120 and earlier) could allow users to authenticate to Enterprise WiFi or VPN Server (l2tp and O | EPSS 0.3%
CVE-2022-31011 | HIGH | TiDB authentication bypass vulnerability | EPSS 0.3%
CVE-2025-56578 | MEDIUM | An issue in RTSPtoWeb v.2.4.3 allows a remote attacker to obtain sensitive information and execute arbitrary code via the lack of authenticat | EPSS 0.3%
CVE-2026-34917 | MEDIUM | Low‑privileged session IDs generated for the web admin console could be reused in the XML‑RPC API, whose authentication is normally restrict | EPSS 0.3%
CVE-2024-0568 | HIGH | CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering of device configuration over NFC communicatio | EPSS 0.3%
CVE-2025-69273 | HIGH | Spectrum broken authentication | EPSS 0.3%
CVE-2025-31478 | HIGH | Zulip Authentication Backend Configuration Bypass | EPSS 0.3%
CVE-2023-39531 | MEDIUM | Sentry vulnerable to incorrect credential validation on OAuth token requests | EPSS 0.3%
CVE-2024-37897 | MEDIUM | Insufficient access control for password reset in sftpgo | EPSS 0.3%
CVE-2026-27611 | HIGH | FileBrowser Quantum: Password Protection Not Enforced on Shared File Links | EPSS 0.3%
CVE-2025-67507 | HIGH | Filament's multi-factor authentication (app) recovery codes can be used multiple times | EPSS 0.3%
CVE-2023-50804 | LOW | An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Ex | EPSS 0.3%
CVE-2024-55886 | MEDIUM | OpenTelemetry Logs source may lack authentication with some custom plugins | EPSS 0.3%
CVE-2022-43978 | MEDIUM | Limited Authentication bypass due to hardcoded secret | EPSS 0.3%
CVE-2025-10224 | MEDIUM | Incorrect Evaluation of LDAP Nested Groups during Login in AxxonSoft Axxon One (C-Werk) | EPSS 0.3%
CVE-2025-14908 | MEDIUM | JeecgBoot Multi-Tenant Management SysTenantController.java improper authentication | EPSS 0.3%
CVE-2024-10474 | CRITICAL | Focus was incorrectly allowing internal links to utilize the app scheme used for deeplinking, which could result in links potentially circum | EPSS 0.3%
CVE-2026-46928 | HIGH | Vulnerability in the Oracle Spares Management product of Oracle E-Business Suite (component: Internal Operations). Supported versions that | EPSS 0.3%
CVE-2026-30223 | HIGH | OliveTin: JWT Audience Validation Bypass in Local Key and HMAC Modes | EPSS 0.3%
CVE-2026-46916 | HIGH | Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite (component: Quality Management Spec | EPSS 0.3%