Falhas do tipo CWE-287

1.845 resultados
CVE-2025-22375CRITICALAuthentication Bypass in CyberAudit-WebEPSS 0.4%CVE-2024-34093MEDIUMAn issue was discovered in Archer Platform 6 before 2024.03. There is an X-Forwarded-For Header Bypass vulnerability. An unauthenticated attEPSS 0.4%CVE-2020-3216MEDIUMCisco IOS XE SD-WAN Software Authentication Bypass VulnerabilityEPSS 0.4%CVE-2026-4021HIGHContest Gallery <= 28.1.5 - Unauthenticated Privilege Escalation Admin Account Takeover via Registration Confirmation Email-to-ID Type ConfusionEPSS 0.4%CVE-2025-14738MEDIUMConfiguration Disclosure Vulnerability in TP-Link WA850REEPSS 0.4%CVE-2026-27197CRITICALSentry: Improper Authentication on SAML SSO process allows user identity linkingEPSS 0.4%CVE-2025-20160HIGHA vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticatedEPSS 0.4%CVE-2026-2991HIGHKiviCare – Clinic & Patient Management System (EHR) <= 4.1.2 - Unauthenticated Authentication Bypass via Social Login TokenEPSS 0.4%CVE-2025-27416MEDIUMAsking For Scratch Username And PasswordEPSS 0.4%CVE-2026-6579MEDIUMliangliangyy DjangoBlog Clean Endpoint views.py missing authenticationEPSS 0.4%CVE-2024-22395MEDIUMImproper access control vulnerability has been identified in the SMA100 SSL-VPN virtual office portal, which in specific conditions could poEPSS 0.4%CVE-2026-21881CRITICALKanboard is Vulnerable to Reverse Proxy Authentication BypassEPSS 0.4%CVE-2026-7630MEDIUMinnocommerce InnoShop Installation Endpoint InstallServiceProvider.php boot improper authenticationEPSS 0.4%CVE-2025-62169HIGHOctoPrint-SpoolManager Plugin APIs do not enforce authenticationEPSS 0.4%CVE-2025-12374CRITICALEmail Verification, Email OTP, Block Spam Email, Passwordless login, Hide Login, Magic Login – User Verification <= 2.0.44 - Authentication Bypass to Account TakeoverEPSS 0.4%CVE-2026-6588MEDIUMserge-chat serge Model API Endpoint model.py delete_model missing authenticationEPSS 0.4%CVE-2024-41800MEDIUMCraft CMS Allows TOTP Token To Stay Valid After UseEPSS 0.4%CVE-2020-7296MEDIUMWeb Gateway (MWG) - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2020-7297MEDIUMWeb Gateway (MWG) - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2023-4242MEDIUMFULL - Customer <= 2.2.3 - Authenticated(Subscriber+) Information Disclosure via Health CheckEPSS 0.4%