Fallos del tipo CWE-290
466 resultadosCVE-2023-35392MEDIUMMicrosoft Edge (Chromium-based) Spoofing VulnerabilityEPSS 0.7%CVE-2020-11015HIGHDevice Authentication Vulnerability in thinx-device-api IoT Device Management ServerEPSS 0.7%CVE-2021-45036HIGHVelneo vClient improper authenticationEPSS 0.7%CVE-2021-27853MEDIUML2 network filtering can be bypassed using stacked VLAN0 and LLC/SNAP headersEPSS 0.7%CVE-2022-40269MEDIUMAuthentication Bypass by Spoofing vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.14.000 to 01.47.000EPSS 0.7%CVE-2024-49193HIGHZendesk before 2024-07-02 allows remote attackers to read ticket history via e-mail spoofing, because Cc fields are extracted from incoming EPSS 0.7%CVE-2023-31424HIGHWeb authentication and authorization bypassEPSS 0.7%CVE-2024-31008MEDIUMAn issue was discovered in WUZHICMS version 4.1.0, allows an attacker to execute arbitrary code and obtain sensitive information via the indEPSS 0.7%CVE-2024-1547MEDIUMThrough a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victEPSS 0.7%CVE-2024-39350HIGHA vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. This allows man-in-the-middle attackers to oEPSS 0.7%CVE-2023-22474HIGHParse Server is vulnerable to authentication bypass via spoofingEPSS 0.7%CVE-2021-27854MEDIUML2 network filtering bypass using stacked VLAN0, LLC/SNAP headers, and Ethernet to Wifi frame translationEPSS 0.7%CVE-2018-25316CRITICALTenda W308R v2 V5.07.48 Cookie Session Weakness DNS ChangeEPSS 0.7%CVE-2018-25318CRITICALTenda FH303/A300 V5.07.68_EN Cookie Session Weakness DNS ChangeEPSS 0.7%CVE-2018-25317CRITICALTenda W3002R/A302/W309R V5.07.64_en Cookie Session Weakness DNS ChangeEPSS 0.7%CVE-2025-43245CRITICALA downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, mEPSS 0.6%CVE-2025-25182CRITICALStroom Authentication/Authorization Bypass when using AWS ALBEPSS 0.6%CVE-2023-4178CRITICALAuthentication Bypass in Neutron Smart VMSEPSS 0.6%CVE-2025-8853CRITICAL2100 Technology|Official Document Management System - Authentication BypassEPSS 0.6%CVE-2024-53862MEDIUMArgo Workflows Allows Access to Archived Workflows with Fake Token in `client` modeEPSS 0.6%