Fallos del tipo CWE-287

1847 resultados
CVE-2026-32879MEDIUMNew API has passkey-based secure step-up verification bypass for root-only channel secret disclosureEPSS 0.3%CVE-2024-38351MEDIUMPassword auth and OAuth2 unverified email linkingEPSS 0.3%CVE-2022-42463HIGHSoftbus_server in communication subsystem has a authenication bypass vulnerability in a callback handler function. Attackers can launch attacks on distributed networks by sending Bluetooth rfcomm packets to any remote device and executing arbitrary co ...EPSS 0.3%CVE-2022-25768HIGHImproper Access Control in UI upgrade processEPSS 0.3%CVE-2025-15135MEDIUMjoey-zhou xiaozhi-esp32-server-java Cookie AuthenticationInterceptor.java tryAuthenticateWithCookies improper authenticationEPSS 0.3%CVE-2026-34990MEDIUMOpenPrinting CUPS: Local print admin token disclosure using temporary printersEPSS 0.3%CVE-2023-49790MEDIUMApp PIN code can be bypassed in Nextcloud Files iOSEPSS 0.3%CVE-2020-8108HIGHInsufficient client validation in Bitdefender Endpoint Security for Mac (VA-8759)EPSS 0.3%CVE-2024-35775MEDIUMWordPress Slider by Soliloquy plugin <= 2.7.6 - Broken Access Control to XSS vulnerabilityEPSS 0.3%CVE-2025-49012MEDIUMHimmelblau's Name-Based Group Matching in `pam_allow_groups` Leads to Potential Security BypassEPSS 0.3%CVE-2026-4583LOWShenzhen HCC Technology MPOS M6 PLUS Bluetooth authentication replayEPSS 0.3%CVE-2026-32072MEDIUMActive Directory Spoofing VulnerabilityEPSS 0.3%CVE-2023-3591MEDIUMLack of previous password reset tokens on new token creationEPSS 0.3%CVE-2026-41081MEDIUMApache Storm Client: Anonymous principal assigned on TLS client certificate verification failureEPSS 0.3%CVE-2025-52571CRITICALHikka vulnerable to RCE through edits in a channelEPSS 0.3%CVE-2025-68402HIGHFreshRSS has an authentication bypass due to truncated bcrypt hash [edge branch]EPSS 0.3%CVE-2026-49843MEDIUMFreeSWITCH: Pre-authentication session eviction via attacker-chosen `sessid` in `mod_verto`EPSS 0.3%CVE-2022-41579MEDIUMThere is an insufficient authentication vulnerability in some Huawei band products. Successful exploit could allow the attacker to spoof theEPSS 0.3%CVE-2026-23708MEDIUMA improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-preEPSS 0.3%CVE-2020-3151MEDIUMCisco Connected Mobile Experiences Restricted Shell Escape VulnerabilityEPSS 0.3%