Fallos del tipo CWE-290
466 resultadosCVE-2025-50328HIGHA vulnerability in B1 Free Archiver v1.5.86 allows files extracted from downloaded archives to bypass Windows Mark of the Web (MotW) protectEPSS 0.3%CVE-2025-0442MEDIUMInappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage inEPSS 0.3%CVE-2024-31802MEDIUMDESIGNA ABACUS v.18 and before allows an attacker to bypass the payment process via a crafted QR code.EPSS 0.3%CVE-2025-25055MEDIUMAuthentication bypass by spoofing issue exists in FileMegane versions above 1.0.0.0 prior to 3.4.0.0, which may lead to user impersonation. EPSS 0.3%CVE-2025-24628MEDIUMWordPress reCaptcha by BestWebSoft Plugin <= 1.78 - Captcha Bypass vulnerabilityEPSS 0.3%CVE-2025-26696HIGHCrafted email message incorrectly shown as being encryptedEPSS 0.3%CVE-2025-69401HIGHWordPress WooODT Lite plugin <= 2.5.2 - Payment Bypass Vulnerability vulnerabilityEPSS 0.3%CVE-2026-32666HIGHAutomated Logic WebCTRL Premium Server Authentication Bypass by SpoofingEPSS 0.3%CVE-2026-6213CRITICALRemote Spark SparkView RCEEPSS 0.3%CVE-2026-8961MEDIUMSpoofing issue in the Form Autofill componentEPSS 0.3%CVE-2025-3875HIGHSender Spoofing via Malformed From Header in ThunderbirdEPSS 0.3%CVE-2023-44117HIGHVulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitation of this vulnerability may affect serEPSS 0.3%CVE-2024-10125MEDIUMLack of JWT issuer and signer validationEPSS 0.3%CVE-2023-4566HIGHVulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitation of this vulnerability may affect serEPSS 0.3%CVE-2026-8644CRITICALIBM WebSphere Application Server is affected by an identity spoofing vulnerabilityEPSS 0.3%CVE-2025-31122CRITICALscratch-coding-hut.github.io Login Links Generation vulnerabilityEPSS 0.3%CVE-2025-46345MEDIUMAuth0 Account Link Extension JWT Invalid Signature ValidationEPSS 0.3%CVE-2025-58595MEDIUMWordPress All In One Login plugin <= 2.0.8 - Bypass Vulnerability vulnerabilityEPSS 0.3%CVE-2025-54288MEDIUMSource Container Identification Vulnerability via cmdline Spoofing in devLXD ServerEPSS 0.3%CVE-2026-42662MEDIUMWordPress Event Tickets plugin <= 5.27.5 - Bypass Vulnerability vulnerabilityEPSS 0.3%