Falhas do tipo CWE-288

579 resultados

CVE-2023-42793CRITICALIn JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possibleEPSS 100.0%KEV CVE-2024-1709CRITICALAuthentication bypass using an alternate path or channelEPSS 100.0%KEV CVE-2024-27198CRITICALIn JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possibleEPSS 99.9%KEV CVE-2025-4427MEDIUMAuthentication BypassEPSS 99.6%KEV CVE-2024-55591CRITICALAn Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiEPSS 98.3%KEV CVE-2023-46747CRITICALBIG-IP Configuration utility unauthenticated remote code execution vulnerabilityEPSS 96.5%KEV CVE-2026-23760CRITICALSmarterTools SmarterMail < Build 9511 Authentication Bypass via Password Reset APIEPSS 96.3%KEV CVE-2025-57819CRITICALFreePBX Affected by Authentication Bypass Leading to SQL Injection and RCEEPSS 93.3%KEV CVE-2020-10148CRITICALSolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commandsEPSS 92.0%KEV CVE-2025-2747CRITICALKentico Xperience <= 13.0.178 Staging Sync Server None Password Type Authentication BypassEPSS 91.3%KEV CVE-2026-24858CRITICALAn Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.EPSS 85.8%KEV CVE-2025-34026CRITICALVersa Concerto Actuator Authentication Bypass Information LeakEPSS 83.4%KEV CVE-2024-10924CRITICALReally Simple Security (Free, Pro, and Pro Multisite) 9.0.0 - 9.1.1.1 - Authentication BypassEPSS 81.7%CVE-2026-1603HIGHAn authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific storedEPSS 81.1%KEV CVE-2024-56325CRITICALApache Pinot: Authentication bypass issue. If the path does not contain / and contain . authentication is not requiredEPSS 78.2%CVE-2023-2732CRITICALMStore API <= 3.9.2 - Authentication BypassEPSS 67.5%CVE-2024-13179HIGHPath Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication.EPSS 61.8%CVE-2022-35869HIGHThis vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation Ignition 8.1.15 (b2022EPSS 60.3%CVE-2025-2746CRITICALKentico Xperience <= 13.0.172 Staging Sync Server Digest Password Authentication BypassEPSS 58.0%KEV CVE-2024-23917CRITICALIn JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possibleEPSS 54.0%

← anteriorpágina 1 / 29próxima →