Falhas do tipo CWE-287
1.838 resultadosCVE-2018-0195—A vulnerability in the Cisco IOS XE Software REST API could allow an authenticated, remote attacker to bypass API authorization checks and uEPSS 1.3%CVE-2020-2018CRITICALPAN-OS: Panorama authentication bypass vulnerabilityEPSS 1.3%CVE-2020-14494—OpenClinic GA versions 5.09.02 and 5.89.05b contain an authentication mechanism within the system that does not provide sufficient complexitEPSS 1.3%CVE-2021-31917—A flaw was found in Red Hat DataGrid 8.x (8.0.0, 8.0.1, 8.1.0 and 8.1.1) and Infinispan (10.0.0 through 12.0.0). An attacker could bypass auEPSS 1.3%CVE-2021-26620HIGHIPTIME NAS2dual improper authentication vulnerabilityEPSS 1.3%CVE-2018-4856—A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with administrative accessEPSS 1.3%CVE-2024-38099MEDIUMWindows Remote Desktop Licensing Service Denial of Service VulnerabilityEPSS 1.3%CVE-2020-27254—Emerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP, XEGK, XEFD, XEXF – all revisions, The affected products are vulnerable to impEPSS 1.3%CVE-2026-36829CRITICALAn authentication bypass vulnerability exists in the embedded HTTP server of Panabit PAP-XM320 up to and including v7.7. The server validateEPSS 1.3%CVE-2024-21390HIGHMicrosoft Authenticator Elevation of Privilege VulnerabilityEPSS 1.3%CVE-2024-22245CRITICALArbitrary Authentication Relay Vulnerability in Deprecated EAP Browser PluginEPSS 1.3%CVE-2021-38412CRITICALDigi PortServer TS 16 Improper AuthenticationEPSS 1.3%CVE-2026-4252CRITICALTenda AC8 IPv6 check_is_ipv6 ip address for authenticationEPSS 1.3%CVE-2021-41265HIGHImproper Authentication in Flask-AppBuilderEPSS 1.3%CVE-2020-8267—A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was usingEPSS 1.2%CVE-2024-36132HIGHInsufficient verification of authentication controls in EPMM prior to 12.1.0.1 allows a remote attacker to bypass authentication and access EPSS 1.2%CVE-2020-14504MEDIUMThe web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. A remote, unauthenticated attackeEPSS 1.2%CVE-2023-48228HIGHOAuth2: PKCE can be fully circumventedEPSS 1.2%CVE-2026-11374CRITICALAccount Takeover via Predictable SSO Ticket GenerationEPSS 1.2%CVE-2018-3775—Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 FEPSS 1.2%