CWE-287 type flaws

1,847 results
CVE-2025-30733 | MEDIUM | Vulnerability in the RDBMS Listener component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 an | EPSS 0.3%
CVE-2026-49186 | HIGH | Lack of MQTT Broker Topic Access Control Lists | EPSS 0.3%
CVE-2024-49755 | LOW | Duende IdentityServer has insufficient validation of DPoP cnf claim in Local APIs | EPSS 0.3%
CVE-2026-8185 | MEDIUM | UGREEN CM933 Administrative missing authentication | EPSS 0.3%
CVE-2025-56447 | CRITICAL | TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure. | EPSS 0.3%
CVE-2026-33665 | HIGH | n8n: LDAP Email-Based Account Linking Allows Privilege Escalation and Account Takeover | EPSS 0.3%
CVE-2026-49872 | MEDIUM | Apache APISIX: Improper authentication in cas-auth plugin | EPSS 0.3%
CVE-2026-3739 | MEDIUM | suitenumerique messages ThreadAccess serializers.py ThreadAccessSerializer improper authentication | EPSS 0.3%
CVE-2025-31122 | CRITICAL | scratch-coding-hut.github.io Login Links Generation vulnerability | EPSS 0.3%
CVE-2024-50341 | LOW | Security::login does not take into account custom user_checker in symfony/security-bundle | EPSS 0.3%
CVE-2023-5502 | HIGH | On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, a malicious supplicant may bypass authentication. | EPSS 0.3%
CVE-2026-4476 | MEDIUM | Yi Technology YI Home Camera CGI Endpoint ipc missing authentication | EPSS 0.3%
CVE-2026-1524 | LOW | Auth misconfiguration when multiple providers enabled | EPSS 0.3%
CVE-2025-26438 | HIGH | In smp_process_secure_connection_oob_data of smp_act.cc, there is a possible way to bypass SMP authentication due to Incorrect implementatio | EPSS 0.3%
CVE-2024-40713 | HIGH | A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup & Replication to alter Multi-Factor Authe | EPSS 0.3%
CVE-2026-7876 | CRITICAL | Authentication bypass vulnerability found in Aspera High-Speed Transfer Server for Cloud Pak for Integration | EPSS 0.3%
CVE-2026-29193 | HIGH | ZITADEL: Bypassing Zitadel Login Behavior and Security Policy in Login V2 | EPSS 0.3%
CVE-2023-29117 | HIGH | Authentication Bypass in JuiceBox Web Manager interface | EPSS 0.3%
CVE-2025-65397 | MEDIUM | An insecure authentication mechanism in the safe_exec.sh startup script of Blurams Flare Camera version 24.1114.151.929 and earlier allows a | EPSS 0.3%
CVE-2022-31011 | HIGH | TiDB authentication bypass vulnerability | EPSS 0.3%