Fallos del tipo CWE-290
466 resultadosCVE-2023-5801—Vulnerability of identity verification being bypassed in the face unlock module. Successful exploitation of this vulnerability will affect iEPSS 0.4%CVE-2021-47923CRITICALOpenCart 3.0.3.8 Session Fixation via OCSESSID CookieEPSS 0.4%CVE-2026-40575CRITICALOAuth2 Proxy has an Authentication Bypass via X-Forwarded-Uri Header SpoofingEPSS 0.4%CVE-2025-0440MEDIUMInappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofiEPSS 0.4%CVE-2024-33917MEDIUMWordPress WTI Like Post plugin <= 1.4.6 - IP Restriction Bypass Vulnerability vulnerabilityEPSS 0.4%CVE-2025-12414CRITICALLooker account compromise via punycode homograph attackEPSS 0.4%CVE-2025-13953CRITICALBypass in the authentication method of the GTT Sistema de Información Tributario applicationEPSS 0.4%CVE-2024-25595MEDIUMWordPress Defender Security plugin <= 4.4.1 - IP Restriction Bypass vulnerabilityEPSS 0.4%CVE-2026-7507HIGHOrg.keycloak/keycloak-services: session fixation in oidc login flow that can lead to account takeoverEPSS 0.4%CVE-2023-30464HIGHCoreDNS through 1.10.1 enables attackers to achieve DNS cache poisoning and inject fake responses via a birthday attack.EPSS 0.4%CVE-2023-52176MEDIUMWordPress Malware Scanner plugin <= 4.7.1 - IP Restriction Bypass vulnerabilityEPSS 0.4%CVE-2024-11701MEDIUMThe incorrect domain may have been displayed in the address bar during an interrupted navigation attempt. This could have led to user confusEPSS 0.4%CVE-2026-32045HIGHOpenClaw < 2026.2.21 - Authentication Bypass in HTTP Gateway Routes via Tokenless Tailscale AuthEPSS 0.4%CVE-2023-40356HIGHPingOne MFA Integration Kit MFA bypassEPSS 0.4%CVE-2023-40702HIGHPingOne MFA Integration Kit MFA bypassEPSS 0.4%CVE-2026-0834HIGHLogic Vulnerability on TP-Link Archer C20, Archer AX53 and TL-WR841N v13EPSS 0.4%CVE-2024-7981MEDIUMInappropriate implementation in Views in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a craftedEPSS 0.4%CVE-2024-25906MEDIUMWordPress Comments Like Dislike plugin <= 1.2.2 - IP Restriction Bypass Vulnerability vulnerabilityEPSS 0.4%CVE-2025-22271MEDIUMIP Spoofing in CyberArk Endpoint Privilege ManagerEPSS 0.4%CVE-2026-42674HIGHWordPress Advanced Access Manager plugin <= 7.1.0 - Bypass Vulnerability vulnerabilityEPSS 0.4%