Fallos del tipo CWE-288
584 resultadosCVE-2024-9106CRITICALWechat Social login <= 1.3.0 - Authentication BypassEPSS 1.7%CVE-2024-8277CRITICALWooCommerce Photo Reviews Premium <= 1.3.13.2 - Authentication Bypass to Account Takeover and Privilege EscalationEPSS 1.6%CVE-2023-2704CRITICALBP Social Connect <= 1.5 - Authentication BypassEPSS 1.6%CVE-2020-36713CRITICALMStore API <= 2.1.5 - Authentication BypassEPSS 1.6%CVE-2018-8859CRITICALEchelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versionsEPSS 1.6%CVE-2023-1260HIGHKube-apiserver: privescEPSS 1.6%CVE-2021-43985CRITICALmySCADA myPROEPSS 1.5%CVE-2020-36724CRITICALWordable <= 3.1.1 - Authentication BypassEPSS 1.5%CVE-2019-5486—A authentication bypass vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.10 in the Salesforce login integration that coulEPSS 1.5%CVE-2020-10283HIGHRVD#3317: MAVLink version handshaking allows for an attacker to bypass authenticationEPSS 1.5%CVE-2019-3758HIGHRSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. The vulnerability allows sysadmins to creaEPSS 1.5%CVE-2024-49328CRITICALWordPress WP REST API FNS Plugin plugin <= 1.0.0 - Account Takeover vulnerabilityEPSS 1.5%CVE-2025-21589CRITICALSession Smart Router, Session Smart Conductor, WAN Assurance Router: API Authentication Bypass vulnerabilityEPSS 1.4%CVE-2023-32002CRITICALThe use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.
TEPSS 1.4%CVE-2024-51464MEDIUMIBM i authentication bypassEPSS 1.4%CVE-2021-32967—Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to add a new administrative user without being authenticated or aEPSS 1.4%CVE-2023-2546HIGHWP User Switch <= 1.0.2 - Authenticated (Subscriber+) Authentication Bypass via CookieEPSS 1.4%CVE-2026-3324HIGHAuthentication BypassEPSS 1.3%CVE-2023-2499CRITICALRegistrationMagic <= 5.2.1.0 - Authentication BypassEPSS 1.3%CVE-2021-26634CRITICALMaxboard multiple vulnerabilitiesEPSS 1.3%