Falhas do tipo CWE-287
1.847 resultadosCVE-2026-35261MEDIUMVulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Supported versions that EPSS 0.3%CVE-2025-15346CRITICALwolfSSL Python library `CERT_REQUIRED` mode fails to enforce client certificate requirementEPSS 0.3%CVE-2024-23219MEDIUMThe issue was addressed with improved authentication. This issue is fixed in iOS 17.3 and iPadOS 17.3. Stolen Device Protection may be unexpEPSS 0.3%CVE-2023-30560MEDIUM PCU Configuration Lacks AuthenticationEPSS 0.3%CVE-2025-54786MEDIUMSuiteCRM: Legacy iCal service allows unauthenticated access to meeting dataEPSS 0.3%CVE-2026-44847HIGHMaxKB: Webhook Trigger Authentication BypassEPSS 0.3%CVE-2026-39324CRITICALRack::Session::Cookie secrets: decrypt failure fallback enables secretless session forgery and Marshal deserializationEPSS 0.3%CVE-2026-32246HIGHTinyauth vulnerable to TOTP/2FA bypass via OIDC authorize endpointEPSS 0.3%CVE-2026-40910MEDIUMfrp: Authentication bypass in frp HTTP vhost routing when routeByHTTPUser is used for access controlEPSS 0.3%CVE-2022-34887MEDIUMStandard users can directly operate and set printer configuration information , such as IP, in some Lenovo Printers without having to authenEPSS 0.3%CVE-2025-54573MEDIUMCVAT vulnerable to email verification bypass by use of basic authenticationEPSS 0.3%CVE-2025-9815HIGHalaneuler batteryKid NSXPCListener PrivilegeHelper.swift missing authenticationEPSS 0.3%CVE-2024-45036MEDIUMImproper Access Control Vulnerability When Accessing a Maliciously Crafted Tophat LinkEPSS 0.3%CVE-2025-1024HIGHSession Hijacking via Reflected Cross-Site Scripting (XSS) in ChurchCRM EditEventAttendees.php EID ParameterEPSS 0.3%CVE-2025-3659CRITICALImproper authentication handling for Digi PortServer TS; Digi One SP, SP IA, IA; Digi One IAPEPSS 0.3%CVE-2022-42453MEDIUMHCL BigFix Platform is affected by insufficient warningsEPSS 0.3%CVE-2025-8964MEDIUMcode-projects Hostel Management System Login hostel_manage.exe improper authenticationEPSS 0.3%CVE-2024-20301MEDIUMA vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical attacker to bypass secondary auEPSS 0.3%CVE-2026-44460HIGHFileRise: TOTP Bypass via Setup Endpoint Disclosing Existing SecretEPSS 0.3%CVE-2022-29838MEDIUMAuthentication issue with the encrypted volumes and auto mount feature in My Cloud devicesEPSS 0.3%