Falhas do tipo CWE-287
1.843 resultadosCVE-2024-28007CRITICALImproper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WEPSS 0.7%CVE-2024-28009CRITICALImproper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WEPSS 0.7%CVE-2023-31123CRITICALeffectindex/tripreporter vulnerable to improper password verification on POST `/api/v1/account/login`EPSS 0.6%CVE-2022-32928MEDIUMA logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user in a privileged nEPSS 0.6%CVE-2023-43805HIGHNexkey allows users to bypass authentication of Bull dashboardEPSS 0.6%CVE-2024-6576HIGHMOVEit Transfer Privilege Escalation VulnerabilityEPSS 0.6%CVE-2020-1778MEDIUMBypassing user account validationEPSS 0.6%CVE-2023-38372MEDIUMIBM Watson IoT Platform information disclosureEPSS 0.6%CVE-2024-11186CRITICALOn affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premEPSS 0.6%CVE-2024-3701CRITICALImproper Authentication in com.transsion.kolun.aiserviceEPSS 0.6%CVE-2022-24901HIGHAuthentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter EPSS 0.6%CVE-2023-46717MEDIUMAn improper authentication vulnerability [CWE-287] in FortiOS versions 7.4.1 and below, versions 7.2.6 and below, and versions 7.0.12 and beEPSS 0.6%CVE-2022-22523HIGHCarlo Gavazzi UWP 3.0 WebApp allows for authentication bypassEPSS 0.6%CVE-2026-8305MEDIUMOpenClaw bluebubbles Webhook monitor.ts handleBlueBubblesWebhookRequest improper authenticationEPSS 0.6%CVE-2024-47806HIGHJenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `aud` (Audience) claim of an ID Token, alloEPSS 0.6%CVE-2025-15455MEDIUMbg5sbk MiniCMS File Recovery Request page.php delete_page improper authenticationEPSS 0.6%CVE-2024-47807HIGHJenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `iss` (Issuer) claim of an ID Token, allowiEPSS 0.6%CVE-2022-46875MEDIUMThe executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. <br>*NEPSS 0.6%CVE-2024-51996HIGHSymphony has an Authentication Bypass via RememberMeEPSS 0.6%CVE-2026-10243MEDIUMcode-projects Smart Parking System Admin Endpoint missing authenticationEPSS 0.6%