Falhas do tipo CWE-287
1.839 resultadosCVE-2022-21684MEDIUMUser can bypass approval when invited to DiscourseEPSS 1.0%CVE-2025-58060HIGHcups has Authentication bypass with AuthType NegotiateEPSS 1.0%CVE-2021-34578CRITICALWAGO: Authentication Vulnerability in Web-Based ManagementEPSS 1.0%CVE-2017-20237CRITICALHirschmann Industrial HiVision Authentication Bypass Remote Code ExecutionEPSS 1.0%CVE-2023-25264HIGHAn issue was discovered in Docmosis Tornado prior to version 2.9.5. An unauthenticated attacker can bypass the authentication check filter cEPSS 1.0%CVE-2018-7340HIGHMultiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversalEPSS 1.0%CVE-2024-10511MEDIUMCWE-287: Improper Authentication vulnerability exists that could cause Denial of access to the web interface
when someone on the local netwoEPSS 1.0%CVE-2024-5044MEDIUMEmlog Pro Cookie improper authenticationEPSS 1.0%CVE-2022-34155HIGHWordPress OAuth Single Sign On – SSO (OAuth Client) Plugin <= 6.23.3 is vulnerable to Broken AuthenticationEPSS 1.0%CVE-2023-28862CRITICALAn issue was discovered in LemonLDAP::NG before 2.16.1. Weak session ID generation in the AuthBasic handler and incorrect failure handling dEPSS 1.0%CVE-2022-47633HIGHAn image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry (or a man-in-the-middle attaEPSS 1.0%CVE-2022-31685CRITICALVMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability. A malicious actor with network access to WorkspaEPSS 1.0%CVE-2022-4002HIGHA command injection vulnerability could allow an authenticated user to execute operating system commands as root via a specially crafted APIEPSS 1.0%CVE-2021-28174MEDIUMMitake Smart Stock Selection System - Broken AuthenticationEPSS 1.0%CVE-2026-23600CRITICALA remote authentication bypass vulnerability
exists in HPE AutoPass License Server (APLS).EPSS 1.0%CVE-2014-125060HIGHholdennb CollabCal calenderServer.cpp handleGet improper authenticationEPSS 1.0%CVE-2021-26077CRITICALBroken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian CEPSS 1.0%CVE-2018-0247—A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco EPSS 0.9%CVE-2025-14746MEDIUMNingyuanda TC155 RTSP Live Video Stream Endpoint improper authenticationEPSS 0.9%CVE-2023-22303CRITICALTP-Link SG105PE firmware prior to 'TL-SG105PE(UN) 1.0_1.0.0 Build 20221208' contains an authentication bypass vulnerability. Under the certaEPSS 0.9%