Falhas do tipo CWE-288

584 resultados
CVE-2022-23722PingFederate Password Reset via Authentication API MishandlingEPSS 0.6%CVE-2025-66200MEDIUMApache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfoEPSS 0.6%CVE-2026-22572MEDIUMAn authentication bypass using an alternate path or channel vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0EPSS 0.6%CVE-2024-9289CRITICALWordPress & WooCommerce Affiliate Program <= 8.4.1 - Authentication Bypass to Account Takeover and Privilege EscalationEPSS 0.6%CVE-2024-9105CRITICALUltimateAI <= 2.8.3 - Authentication BypassEPSS 0.6%CVE-2025-53187CRITICALUnauthenticated RCEEPSS 0.6%CVE-2026-27842CRITICALAuthentication bypass issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to bypass authentication and change the device EPSS 0.6%CVE-2024-26009HIGHAn authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS 6.4.0 through 6.4.15, FortiOS 6.2.0 EPSS 0.6%CVE-2026-31271CRITICALmegagao production_ssm v1.0 contains an authorization bypass vulnerability in the user addition functionality. The insert() method in UserCoEPSS 0.6%CVE-2025-46412CRITICALVertiv Liebert RDU101 and UNITY Authentication Bypass Using an Alternate Path or ChannelEPSS 0.6%CVE-2025-1909CRITICALBuddyBoss Platform Pro <= 2.7.01 - Authentication Bypass via Apple OAuth providerEPSS 0.6%CVE-2024-31916HIGHIBM OpenBMC information disclosureEPSS 0.5%CVE-2025-7444CRITICALLoginPress Pro <= 5.0.1 - Authentication Bypass via WordPress.com OAuth providerEPSS 0.5%CVE-2026-24206HIGHNVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of thisEPSS 0.5%CVE-2025-34251HIGHTesla Telematics Control Unit (TCU) < v2025.14 Authentication BypassEPSS 0.5%CVE-2026-49767CRITICALWordPress wpForo Forum plugin <= 3.1.0 - Broken Authentication vulnerabilityEPSS 0.5%CVE-2025-69101CRITICALWordPress Workreap Core plugin <= 3.4.1 - Broken Authentication vulnerabilityEPSS 0.5%CVE-2025-24000HIGHWordPress Post SMTP plugin <= 3.2.0 - Account Takeover VulnerabilityEPSS 0.5%CVE-2025-1283CRITICALDingtian DT-R0 Series Authentication Bypass Using an Alternate Path or ChannelEPSS 0.5%CVE-2024-9931CRITICALWux Blog Editor <= 3.0.0 - Authentication Bypass to AdministratorEPSS 0.5%