Falhas do tipo CWE-287
1.853 resultadosCVE-2022-30755HIGHImproper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijaEPSS 0.1%CVE-2016-10394CRITICALImproper Authentication in CoreEPSS 0.1%CVE-2022-39899MEDIUMImproper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input evenEPSS 0.1%CVE-2026-13208MEDIUMKubevirt: virt-handler-rhel9: kubevirt: virt-handler notify server trusts vmi identity from unauthenticated grpc request bodyEPSS 0.1%CVE-2026-47166MEDIUMImageMagick: Heap Buffer Over-Read in distributed pixel cache serverEPSS 0.1%CVE-2022-33689MEDIUMImproper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attackers to change preferred network type by unEPSS 0.1%CVE-2022-33732MEDIUMImproper access control vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows local attackers to scan and connect to PCEPSS 0.1%CVE-2024-29757HIGHthere is a possible permission bypass due to Debug certs being allowlisted. This could lead to local escalation of privilege with no additioEPSS 0.1%CVE-2025-20730MEDIUMIn preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilegeEPSS 0.1%CVE-2023-21466MEDIUMPendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023 Release 1 allows local attackers to access conEPSS 0.1%CVE-2026-14627MEDIUMNousResearch hermes-agent Discord Platform Integration discord.py DiscordAdapter._is_allowed_user improper authenticationEPSS —CVE-2026-14714MEDIUMzhayujie chatgpt-on-wechat CowAgent wx Endpoint common.py verify_server missing authenticationEPSS —CVE-2026-12196HIGHHestiaCP Admin TakeoverEPSS —