Fallos del tipo CWE-288
586 resultadosCVE-2023-42771HIGHAuthentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a netEPSS 0.3%CVE-2022-31022MEDIUMMissing Role Based Access Control for the REST handlers in bleve/http packageEPSS 0.3%CVE-2025-67070HIGHA vulnerability exists in Intelbras CFTV IP NVD 9032 R Ftd V2.800.00IB00C.0.T, which allows an unauthenticated attacker to bypass the multi-EPSS 0.3%CVE-2025-0549MEDIUMAuthentication Bypass Using an Alternate Path or Channel in GitLabEPSS 0.3%CVE-2025-8093HIGHAuthenticator Login - Moderately critical - Access bypass - SA-CONTRIB-2025-098EPSS 0.3%CVE-2026-40790MEDIUMWordPress WP SMS plugin <= 7.2.1 - Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2025-47710HIGHEnterprise MFA - TFA for Drupal - Critical - Access bypass - SA-CONTRIB-2025-056EPSS 0.3%CVE-2026-25439HIGHWordPress Booknetic plugin <= 4.8.5 - Account Takeover vulnerabilityEPSS 0.3%CVE-2026-48970HIGHWordPress Really Simple SSL plugin <= 9.5.10 - Broken Authentication vulnerabilityEPSS 0.3%CVE-2026-22037HIGH@fastify/express vulnerable to Improper Handling of URL Encoding (Hex Encoding)EPSS 0.3%CVE-2026-32678HIGHAuthentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings wiEPSS 0.3%CVE-2017-6871—A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V1.0.2.2) and SIMATIC WinCC Sm@rtClientEPSS 0.3%CVE-2026-42629HIGHWordPress PowerPack Pro for Elementor plugin < v2.13.0 - Broken Authentication vulnerabilityEPSS 0.3%CVE-2025-3932MEDIUMTracking Links in Attachments Bypassed Remote Content BlockingEPSS 0.3%CVE-2026-42303MEDIUMFides: Privacy Request Identity Verification Bypass Vulnerability via Duplicate DetectionEPSS 0.3%CVE-2026-6771CRITICALMitigation bypass in the DOM: Security componentEPSS 0.3%CVE-2026-40799MEDIUMWordPress Simple Cloudflare Turnstile plugin <= 1.38.0 - Broken Authentication vulnerabilityEPSS 0.3%CVE-2026-27611HIGHFileBrowser Quantum: Password Protection Not Enforced on Shared File LinksEPSS 0.3%CVE-2024-5620MEDIUMAuthentication Bypass in PruvaSoft Informatics' Apinizer Management ConsoleEPSS 0.3%CVE-2025-67507HIGHFilament's multi-factor authentication (app) recovery codes can be used multiple timesEPSS 0.3%