Fallos del tipo CWE-288
586 resultadosCVE-2025-48926MEDIUMThe admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telepEPSS 0.2%CVE-2026-48491HIGHTraefik: SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypassEPSS 0.2%CVE-2021-35530MEDIUMUser authentication bypass in TXpert Hub CoreTec 4EPSS 0.2%CVE-2022-23725HIGHPingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstancesEPSS 0.2%CVE-2026-53622HIGHTraefik: HTTP/3 mTLS bypass via exact SNI TLSOptions lookup for wildcard and mixed-case hostsEPSS 0.2%CVE-2024-52586MEDIUMeLabFTW MFA bypassEPSS 0.2%CVE-2026-2540HIGHMicca KE700 Acceptance of previously used rolling codesEPSS 0.2%CVE-2026-8990MEDIUMAuthentication Bypass in KidsviewEPSS 0.2%CVE-2026-42654HIGHWordPress Wallet System for WooCommerce plugin <= 2.7.5 - Broken Authentication vulnerabilityEPSS 0.2%CVE-2024-31463MEDIUMIronic-image allows unauthenticated local access to Ironic APIEPSS 0.2%CVE-2025-6675MEDIUMEnterprise MFA - TFA for Drupal - Critical - Access bypass - SA-CONTRIB-2025-082EPSS 0.2%CVE-2026-1917MEDIUMLogin Disable - Less critical - Access bypass - SA-CONTRIB-2026-008EPSS 0.2%CVE-2026-0948MEDIUMMicrosoft Entra ID SSO Login - Critical - Access bypass - SA-CONTRIB-2026-005EPSS 0.2%CVE-2021-33700HIGHSAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances, to login as the vEPSS 0.2%CVE-2025-3652MEDIUMPetlibro Smart Pet Feeder Platform through 1.7.31 Audio Information Disclosure via API endpointEPSS 0.2%CVE-2026-35642MEDIUMOpenClaw < 2026.3.25 - Authorization Bypass in Group Reactions via requireMention BypassEPSS 0.2%CVE-2022-42275HIGHNVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. This may lead to a losEPSS 0.2%CVE-2024-7125HIGHAuthentication Bypass Vulnerability in Hitachi Ops Center Common ServicesEPSS 0.2%CVE-2025-67282MEDIUMIn TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Authorization Bypass vulnerabilities exists which allow a low privileged user to download EPSS 0.2%CVE-2024-35214HIGHVulnerability in CylanceOPTICS Windows Installer Package Impacts CylanceOPTICS for WindowsEPSS 0.2%