Fallos del tipo CWE-290
466 resultadosCVE-2021-32631MEDIUMJSON Web Tokens not properly verifiedEPSS 1.1%CVE-2023-51747HIGHSMTP smuggling in Apache JamesEPSS 1.0%CVE-2021-28810HIGHVulnerability in Roon ServerEPSS 1.0%CVE-2024-27349CRITICALApache HugeGraph-Server: Bypass whitelist in Auth modeEPSS 1.0%CVE-2022-23949HIGHIn Keylime before 6.3.0, unsanitized UUIDs can be passed by a rogue agent and can lead to log spoofing on the verifier and registrar.EPSS 1.0%CVE-2022-2310CRITICALSkyhigh SWG Authentication bypass vulnerabilityEPSS 1.0%CVE-2021-22779MEDIUMAuthentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versionEPSS 1.0%CVE-2024-31863MEDIUMApache Zeppelin: Replacing other users notebook, bypassing any permissionsEPSS 1.0%CVE-2024-34145HIGHA sandbox bypass vulnerability involving sandbox-defined classes that shadow specific non-sandbox-defined classes in Jenkins Script SecurityEPSS 1.0%CVE-2022-25989HIGHAn authentication bypass vulnerability exists in the libxm_av.so getpeermac() functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-cEPSS 1.0%CVE-2026-25938CRITICALFUXA Unauthenticated Remote Code Execution in Node-RED IntegrationEPSS 1.0%CVE-2023-34329CRITICALAuthentication Bypass via HTTP Header SpoofingEPSS 1.0%CVE-2026-48567CRITICALAzure HorizonDB Elevation of Privilege VulnerabilityEPSS 1.0%CVE-2023-24935MEDIUMMicrosoft Edge (Chromium-based) Spoofing VulnerabilityEPSS 1.0%CVE-2022-31149HIGHActivityWatch vulnerable to DNS rebinding attackEPSS 1.0%CVE-2022-32744—A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with iEPSS 1.0%CVE-2024-51504CRITICALApache ZooKeeper: Authentication bypass with IP-based authentication in Admin ServerEPSS 0.9%CVE-2022-2368MEDIUMAuthentication Bypass by Spoofing in microweber/microweberEPSS 0.9%CVE-2024-32977HIGHOctoPrint Authentication Bypass via X-Forwarded-For Header when autologinLocal is enabledEPSS 0.9%CVE-2022-47522HIGHThe IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (possibly cleartext) target-destined frameEPSS 0.9%