Falhas do tipo CWE-287
1.839 resultadosCVE-2026-26119HIGHWindows Admin Center Elevation of Privilege VulnerabilityEPSS 0.8%CVE-2021-27451HIGHMesa Labs AmegaView improper authenticationEPSS 0.8%CVE-2021-32753HIGHWeak password in API gateway in EdgeX Foundry Edinburgh, Fuji, Geneva, and Hanoi releases allows remote attackers to obtain authentication token via dictionary-based password attack when OAuth2 authentication method is enabled.EPSS 0.8%CVE-2024-10963HIGHPam: improper hostname interpretation in pam_access leads to access control bypassEPSS 0.8%CVE-2023-23612MEDIUMIssue with whitespace in JWT roles in OpenSearchEPSS 0.8%CVE-2024-3263CRITICALImproper authentication in YMS VIS ProEPSS 0.8%CVE-2023-39196MEDIUMApache Ozone: Missing mutual TLS authentication in one of the service internal Ozone Storage Container Manager endpointsEPSS 0.8%CVE-2020-15240HIGHRegression in JWT Signature ValidationEPSS 0.8%CVE-2026-1202MEDIUMCRMEB LoginController.php appleLogin improper authenticationEPSS 0.8%CVE-2020-14380—An account takeover flaw was found in Red Hat Satellite 6.7.2 onward. A potential attacker with proper authentication to the relevant externEPSS 0.8%CVE-2023-1464HIGHSourceCodester Medicine Tracker System improper authenticationEPSS 0.8%CVE-2023-24093CRITICALAn access control issue in H3C A210-G A210-GV100R005 allows attackers to authenticate without a password.EPSS 0.8%CVE-2018-17926—The product M2M ETHERNET (FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior) is vulnerable in that an attacker can upload a malicioEPSS 0.8%CVE-2020-25183HIGHMedtronic MyCareLink Smart Improper AuthenticationEPSS 0.8%CVE-2017-12213—A vulnerability in the dynamic access control list (ACL) feature of Cisco IOS XE Software running on Cisco Catalyst 4000 Series Switches couEPSS 0.8%CVE-2022-2662CRITICALSequi PortBloque S Improper AuthenticationEPSS 0.8%CVE-2023-3065CRITICALMobatime mobile application - Authentication bypassEPSS 0.8%CVE-2024-34103HIGHCustomer account takeover via web API call & subsequent password resetEPSS 0.8%CVE-2022-32514CRITICALA CWE-287: Improper Authentication vulnerability exists that could allow an attacker to gain control of the device when logging into a web pEPSS 0.8%CVE-2024-25313HIGHCode-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacher_logEPSS 0.8%