Falhas do tipo CWE-288
584 resultadosCVE-2025-49901CRITICALWordPress Simple Link Directory plugin < 14.8.1 - Broken Authentication vulnerabilityEPSS 0.7%CVE-2024-1646HIGHAuthentication Bypass in parisneo/lollms-webuiEPSS 0.7%CVE-2023-39930HIGHPingFederate PingID Radius PCV Authentication BypassEPSS 0.7%CVE-2025-0316CRITICALWP Directorybox Manager <= 2.5 - Authentication BypassEPSS 0.7%CVE-2020-17409MEDIUMThis vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6EPSS 0.7%CVE-2025-31022CRITICALWordPress PayU India plugin < 3.8.8 - Account Takeover vulnerabilityEPSS 0.7%CVE-2024-2013CRITICALAn authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server /
API Gateway component that if exploited allows attackers withouEPSS 0.7%CVE-2023-50915MEDIUMAn issue exists in GalaxyClientService.exe in GOG Galaxy (Beta) 2.0.67.2 through 2.0.71.2 that could allow authenticated users to overwrite EPSS 0.7%CVE-2023-4702CRITICALAuthentication Bypass in Digital YepasEPSS 0.7%CVE-2025-53099MEDIUMSentry Missing Invalidation of Authorization Codes During OAuth Exchange and RevocationEPSS 0.7%CVE-2024-6328CRITICALMStore API – Create Native Android & iOS Apps On The Cloud <= 4.14.7 - Authentication BypassEPSS 0.7%CVE-2021-41995HIGHPingID Mac Login prior to 1.1 vulnerable to pre-computed dictionary attacksEPSS 0.7%CVE-2025-6895CRITICALMelaPress Login Security 2.1.0 - 2.1.1 - Authentication Bypass to Privilege Escalation via get_valid_user_based_on_token FunctionEPSS 0.7%CVE-2024-5432CRITICALLifeline Donation <= 1.2.6 - Authentication BypassEPSS 0.7%CVE-2022-36093HIGHXWiki Platform Web Templates vulnerable to Unauthorized User Registration Through the Distribution WizardEPSS 0.7%CVE-2026-35087CRITICALAuthentication Bypass in Slican telephone exchangesEPSS 0.7%CVE-2024-38437CRITICALD-Link - CWE-288: Authentication Bypass Using an Alternate Path or ChannelEPSS 0.7%CVE-2024-7628HIGHMStore API – Create Native Android & iOS Apps On The Cloud <= 4.15.2 - Authentication Bypass to Account TakeoverEPSS 0.7%CVE-2024-7350CRITICALAppointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress 1.1.6 - 1.1.7 - Authentication Bypass to Account TakeoverEPSS 0.7%CVE-2024-43234CRITICALWordPress Woffice theme <= 5.4.14 - Unauthenticated Account Takeover vulnerabilityEPSS 0.6%