Falhas do tipo CWE-287

1.844 resultados
CVE-2022-39252HIGHWhen matrix-rust-sdk recieves forwarded room keys, the reciever doesn't check if it requested the key from the forwarderEPSS 0.5%CVE-2024-45750HIGHAn issue in TheGreenBow Windows Standard VPN Client 6.87.108 (and older), Windows Enterprise VPN Client 6.87.109 (and older), Windows EnterpEPSS 0.5%CVE-2022-44595MEDIUMWordPress WP2FA plugin <= 2.2.0 - Broken Authentication vulnerabilityEPSS 0.5%CVE-2026-46890CRITICALVulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM (component: Marketing). Supported versions that are affected are EPSS 0.5%CVE-2023-32202MEDIUMWalchem Intuition Improper AuthenticationEPSS 0.5%CVE-2023-28963MEDIUMJunos OS: User-controlled input vulnerability in J-WebEPSS 0.5%CVE-2022-47209HIGHA support user exists on the device and appears to be a backdoor for Technical Support staff. The default password for this account is “suppEPSS 0.5%CVE-2024-50644CRITICALzhisheng17 blog 3.0.1-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this vulnerability to access API without EPSS 0.5%CVE-2024-21654MEDIUMrubygems.org MFA Bypass through password reset function could allow account takeover EPSS 0.5%CVE-2025-49851HIGHImproper Authentication in ControlID iDSecure On-premisesEPSS 0.5%CVE-2026-27960CRITICALOpenCTI privilege escalation and unauthenticated access via default admin accountEPSS 0.5%CVE-2026-4831MEDIUMkalcaddle kodbox Password-protected Share auth.class.php can improper authenticationEPSS 0.5%CVE-2022-23501MEDIUMTYPO3 vulnerable to Improper Authentication in Frontend LoginEPSS 0.5%CVE-2026-25748HIGHauthentik has a forward authentication bypass with broken cookieEPSS 0.5%CVE-2026-33117CRITICALAzure SDK for Java Security Feature Bypass VulnerabilityEPSS 0.5%CVE-2024-4129HIGHAuthentication bypass in Snow License ManagerEPSS 0.5%CVE-2022-39360MEDIUMMetabase SSO users able to circumvent IdP login by doing password resetEPSS 0.5%CVE-2026-1740MEDIUMEFM ipTIME A8004T Hidden Hiddenloginsetup timepro.cgi httpcon_check_session_url improper authenticationEPSS 0.5%CVE-2024-25618MEDIUMExternal OpenID Connect Account Takeover by E-Mail Change in mastodonEPSS 0.5%CVE-2023-5326MEDIUMSATO CL4NX-J Plus WebConfig improper authenticationEPSS 0.5%