Flaws of type CWE-620

84 results
CVE-2025-71337 | HIGH | Flowise - Unverified Email Change via Account Profile Endpoint | EPSS 0.3%
CVE-2024-51493 | MEDIUM | API key access in settings without reauthentication in OctoPrint | EPSS 0.3%
CVE-2025-71328 | HIGH | Flowise - Unverified Password Change via Account Settings | EPSS 0.3%
CVE-2026-2543 | MEDIUM | vichan-devel vichan Password Change pages.php unverified password change | EPSS 0.3%
CVE-2026-24440 | HIGH | Tenda W30E V2 Allows Password Changes Without Verifying Current Password | EPSS 0.3%
CVE-2023-25931 | MEDIUM | Medtronic Micro Clinician & InterStim X Clinician App Password Reset Issue | EPSS 0.3%
CVE-2024-28143 | HIGH | Insecure Password Change Function | EPSS 0.3%
CVE-2024-45647 | MEDIUM | IBM Security Verify Access unverified password change | EPSS 0.3%
CVE-2026-27757 | HIGH | SODOLA SL902-SWTGW124AS <= 200.1.20 Unverified Password Change | EPSS 0.3%
CVE-2024-2213 | LOW | Improper Authentication in zenml-io/zenml | EPSS 0.2%
CVE-2025-47938 | LOW | TYPO3 Vulnerable to Unverified Password Change for Backend Users | EPSS 0.2%
CVE-2025-13148 | HIGH | IBM Aspera Orchestrator Unverified Password Change | EPSS 0.2%
CVE-2026-40588 | HIGH | blueprintUE: Authenticated Password Change Does Not Verify Current Password | EPSS 0.2%
CVE-2025-46748 | LOW | Unverified Password Change | EPSS 0.2%
CVE-2025-46389 | MEDIUM | CWE-620: Unverified Password Change | EPSS 0.2%
CVE-2019-25653 | MEDIUM | Navicat for Oracle 12.1.15 Password Field Denial of Service | EPSS 0.2%
CVE-2025-59808 | MEDIUM | An unverified password change vulnerability [CWE-620] vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 thr | EPSS 0.2%
CVE-2024-21757 | MEDIUM | A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 throug | EPSS 0.2%
CVE-2025-3793 | MEDIUM | Buddypress Force Password Change <= 0.1 - Authenticated (Subscriber+) Account Takeover via Password Update | EPSS 0.2%
CVE-2026-8327 | MEDIUM | Concrete CMS below 9.5.0 and below is vulnerable to password change without reauthorization and session-hardening bypass. | EPSS 0.2%