Falhas do tipo CWE-287

1.847 resultados
CVE-2023-21467MEDIUMError in 3GPP specification implementation in Exynos baseband prior to SMR Apr-2023 Release 1 allows incorrect handling of unencrypted messaEPSS 0.3%CVE-2020-7276MEDIUMUnrestricted Policy Management using MfeUpgradeTool.exeEPSS 0.3%CVE-2026-34727HIGHVikunja ahs a TOTP Two-Factor Authentication Bypass via OIDC Login PathEPSS 0.3%CVE-2025-24949MEDIUMIn JotUrl 2.0, is possible to bypass security requirements during the password change process.EPSS 0.3%CVE-2025-55340HIGHWindows Remote Desktop Protocol Security Feature BypassEPSS 0.3%CVE-2024-40648MEDIUM`UserIdentity::is_verified` not checking verification status of own user identity while performing the check in matrix-rust-sdkEPSS 0.3%CVE-2025-7703LOWAuthentication vulnerability in the mobile application(tech.palm.id)may lead to the risk of information leakage.EPSS 0.3%CVE-2025-22232MEDIUMSpring Cloud Config Server May Not Use Vault Token Sent By ClientsEPSS 0.3%CVE-2023-28647MEDIUMApp pin of the iOS app can be bypassed in Nextcloud iOSEPSS 0.3%CVE-2023-52111HIGHAuthorization vulnerability in the BootLoader module. Successful exploitation of this vulnerability may affect service integrity.EPSS 0.3%CVE-2026-7664CRITICALUnauthenticated Flow Execution via Webhook Endpoint in Langflow OSSEPSS 0.3%CVE-2024-56445MEDIUMInstruction authentication bypass vulnerability in the Findnetwork module Impact: Successful exploitation of this vulnerability may cause feEPSS 0.3%CVE-2024-37408HIGHfprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be authorized by "auth sufficient pam_fprintdEPSS 0.3%CVE-2023-40282MEDIUMImproper authentication vulnerability in Rakuten WiFi Pocket all versions allows a network-adjacent attacker to log in to the product's ManaEPSS 0.3%CVE-2026-28787HIGHOneUptime has WebAuthn 2FA bypass: server accepts client-supplied challenge instead of server-stored value, allowing credential replayEPSS 0.3%CVE-2026-2756LOWOmniPEMF NeoRhythm BLE missing authenticationEPSS 0.3%CVE-2025-31228MEDIUMThe issue was addressed with improved authentication. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. An attacker with physiEPSS 0.3%CVE-2024-7487MEDIUMImproper Authentication in WSO2 Identity Server 7.0.0 Allows Bypass of App-Native AuthenticationEPSS 0.3%CVE-2025-29773MEDIUMFroxlor allows Multiple Accounts to Share the Same Email Address Leading to Potential Privilege Escalation or Account TakeoverEPSS 0.3%CVE-2020-10709A security flaw was found in Ansible Tower when requesting an OAuth2 token with an OAuth2 application. Ansible Tower uses the token to proviEPSS 0.3%