Fallos del tipo CWE-290
466 resultadosCVE-2025-22271MEDIUMIP Spoofing in CyberArk Endpoint Privilege ManagerEPSS 0.4%CVE-2024-30058MEDIUMMicrosoft Edge (Chromium-based) Spoofing VulnerabilityEPSS 0.4%CVE-2024-36588MEDIUMAn issue in Annonshop.app DecentralizeJustice/ anonymousLocker commit 2b2b4 allows attackers to send messages erroneously attributed to arbiEPSS 0.4%CVE-2025-66507HIGH1Panel – CAPTCHA Bypass via Client-Controlled FlagEPSS 0.4%CVE-2026-33131HIGHh3 has a middleware bypass with one gadgetEPSS 0.4%CVE-2026-28954HIGHA file quarantine bypass was addressed with additional checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, maEPSS 0.4%CVE-2024-4846MEDIUMAuthentication bypass in the 2FA feature in Devolutions Server 2024.1.14.0 and earlier allows an authenticated attacker to authenticate to aEPSS 0.4%CVE-2026-39999HIGHApache APISIX: JWT Algorithm Confusion allows authentication bypassEPSS 0.4%CVE-2026-40460MEDIUMNGINX ngx_quic_module vulnerabilityEPSS 0.4%CVE-2024-32827MEDIUMWordPress Giveaways and Contests by RafflePress plugin <= 1.12.7 - IP Restriction Bypass vulnerabilityEPSS 0.4%CVE-2022-48513—Vulnerability of identity verification being bypassed in the Gallery module. Successful exploitation of this vulnerability may cause out-of-EPSS 0.4%CVE-2026-45223HIGHCrabbox < 0.9.0 Authentication Bypass via Admin Claim InjectionEPSS 0.4%CVE-2026-24899HIGHFleet Windows MDM Azure AD JWT Authentication BypassEPSS 0.4%CVE-2025-61778CRITICALAkka.Remote TLS did not properly implement certificate-based authenticationEPSS 0.4%CVE-2024-37430MEDIUMWordPress Patreon WordPress plugin <= 1.9.0 - Image Protection Bypass vulnerabilityEPSS 0.4%CVE-2024-41432MEDIUMAn IP Spoofing vulnerability has been discovered in Likeshop up to 2.5.7.20210811. This issue allows an attacker to replace their real IP adEPSS 0.4%CVE-2023-51543MEDIUMWordPress RegistrationMagic plugin <= 5.2.5.0 - IP Limit Bypass vulnerabilityEPSS 0.4%CVE-2026-8960HIGHSpoofing issue in WebExtensionsEPSS 0.4%CVE-2021-41130MEDIUMX-Endpoint-API-UserInfo can be spoofed in cloudendpoints Extensible Service ProxyEPSS 0.4%CVE-2026-28465HIGHOpenClaw voice-call < 2026.2.3 - Webhook Verification Bypass via Forwarded HeadersEPSS 0.4%