Falhas do tipo CWE-290

466 resultados

CVE-2025-6188HIGHOn affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do nEPSS 0.4%CVE-2024-30058MEDIUMMicrosoft Edge (Chromium-based) Spoofing VulnerabilityEPSS 0.4%CVE-2024-36588MEDIUMAn issue in Annonshop.app DecentralizeJustice/ anonymousLocker commit 2b2b4 allows attackers to send messages erroneously attributed to arbiEPSS 0.4%CVE-2025-66507HIGH1Panel – CAPTCHA Bypass via Client-Controlled FlagEPSS 0.4%CVE-2026-33131HIGHh3 has a middleware bypass with one gadgetEPSS 0.4%CVE-2026-28954HIGHA file quarantine bypass was addressed with additional checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, maEPSS 0.4%CVE-2024-4846MEDIUMAuthentication bypass in the 2FA feature in Devolutions Server 2024.1.14.0 and earlier allows an authenticated attacker to authenticate to aEPSS 0.4%CVE-2026-39999HIGHApache APISIX: JWT Algorithm Confusion allows authentication bypassEPSS 0.4%CVE-2026-40460MEDIUMNGINX ngx_quic_module vulnerabilityEPSS 0.4%CVE-2022-48513—Vulnerability of identity verification being bypassed in the Gallery module. Successful exploitation of this vulnerability may cause out-of-EPSS 0.4%CVE-2024-32827MEDIUMWordPress Giveaways and Contests by RafflePress plugin <= 1.12.7 - IP Restriction Bypass vulnerabilityEPSS 0.4%CVE-2026-45223HIGHCrabbox < 0.9.0 Authentication Bypass via Admin Claim InjectionEPSS 0.4%CVE-2026-24899HIGHFleet Windows MDM Azure AD JWT Authentication BypassEPSS 0.4%CVE-2025-61778CRITICALAkka.Remote TLS did not properly implement certificate-based authenticationEPSS 0.4%CVE-2024-37430MEDIUMWordPress Patreon WordPress plugin <= 1.9.0 - Image Protection Bypass vulnerabilityEPSS 0.4%CVE-2026-8960HIGHSpoofing issue in WebExtensionsEPSS 0.4%CVE-2024-41432MEDIUMAn IP Spoofing vulnerability has been discovered in Likeshop up to 2.5.7.20210811. This issue allows an attacker to replace their real IP adEPSS 0.4%CVE-2023-51543MEDIUMWordPress RegistrationMagic plugin <= 5.2.5.0 - IP Limit Bypass vulnerabilityEPSS 0.4%CVE-2021-41130MEDIUMX-Endpoint-API-UserInfo can be spoofed in cloudendpoints Extensible Service ProxyEPSS 0.4%CVE-2026-28465HIGHOpenClaw voice-call < 2026.2.3 - Webhook Verification Bypass via Forwarded HeadersEPSS 0.4%

← anteriorpágina 13 / 24próxima →