Fallos del tipo CWE-288
586 resultadosCVE-2025-24206HIGHAn authentication issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS EPSS 0.3%CVE-2026-1241HIGHAuthentication Bypass Using an Alternate Path or Channel in Pelco, Inc. Sarix Pro 3 Series IP CamerasEPSS 0.3%CVE-2020-1618MEDIUMJunos OS: EX and QFX Series: Console port authentication bypass vulnerabilityEPSS 0.3%CVE-2025-34520HIGHArcserve UDP < 10.2 Authentication BypassEPSS 0.3%CVE-2025-12466HIGHSimple OAuth (OAuth2) & OpenID Connect - Critical - Access bypass - SA-CONTRIB-2025-114EPSS 0.3%CVE-2025-64530HIGH@apollo/composition has Improper Enforcement of Access Control on Interface Types and FieldsEPSS 0.3%CVE-2026-23480MEDIUMBlinko: Low Privilege User Privilege Escalation - upsertUser EndpointEPSS 0.3%CVE-2026-25357HIGHWordPress Ultimate Membership Pro plugin <= 13.7 - Account Takeover vulnerabilityEPSS 0.3%CVE-2026-25406HIGHWordPress Tutor LMS Pro plugin <= 3.9.4 - Broken Authentication vulnerabilityEPSS 0.3%CVE-2025-24496HIGHAn information disclosure vulnerability exists in the /goform/getproductInfo functionality of Tenda AC6 V5.0 V02.03.01.110. Specially crafteEPSS 0.3%CVE-2024-44286HIGHThis issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with physical access can EPSS 0.3%CVE-2024-9658HIGHSchool Management System for Wordpress <= 93.0.0 - Authenticated (Student+) Account Takeover and Privilege EscalationEPSS 0.3%CVE-2026-30777MEDIUMEC-CUBE provided by EC-CUBE CO.,LTD. contains a multi-factor authentication (MFA) bypass vulnerability. An attacker who has obtained a validEPSS 0.3%CVE-2020-10048—A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions < V7.5 SP2). Due to an insecure password veEPSS 0.3%CVE-2023-20003MEDIUMCisco Business Wireless Access Points Social Login Guest User Authentication Bypass VulnerabilityEPSS 0.3%CVE-2023-30946LOWIssues notification metadata lacks authorizationEPSS 0.3%CVE-2026-1779HIGHUser Registration & Membership <= 5.1.2 - Authentication BypassEPSS 0.3%CVE-2024-12225CRITICALIo.quarkus:quarkus-security-webauthn: quarkus webauthn unexpected authentication bypassEPSS 0.3%CVE-2025-22230HIGHAuthentication bypass vulnerabilityEPSS 0.3%CVE-2026-22731HIGHAuthentication Bypass under Actuator Health groups pathsEPSS 0.3%