Falhas do tipo CWE-290
466 resultadosCVE-2023-34157CRITICALVulnerability of HwWatchHealth being hijacked.Successful exploitation of this vulnerability may cause repeated pop-up windows of the app.EPSS 0.4%CVE-2026-52690MEDIUMSpoofed answers can mark an authoritative non-EDNS capableEPSS 0.4%CVE-2023-37865MEDIUMWordPress IP2Location Country Blocker plugin <= 2.29.1 - IP Bypass Vulnerability vulnerabilityEPSS 0.4%CVE-2023-48753MEDIUMWordPress Restricted Site Access plugin <= 7.4.1 - IP Restriction Bypass vulnerabilityEPSS 0.4%CVE-2023-48271MEDIUMWordPress Maspik – Spam Blacklist plugin <= 0.10.3 - IP Filtering Bypass vulnerabilityEPSS 0.4%CVE-2024-55925HIGHAPI Security bypass through header manipulationEPSS 0.4%CVE-2025-5067MEDIUMInappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a craEPSS 0.3%CVE-2023-41591CRITICALAn issue in Open Network Foundation ONOS v2.7.0 allows attackers to create fake IP/MAC addresses and potentially execute a man-in-the-middleEPSS 0.3%CVE-2024-8908MEDIUMInappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafEPSS 0.3%CVE-2023-30950MEDIUMCVE-2023-30950 EPSS 0.3%CVE-2023-42889MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app EPSS 0.3%CVE-2025-43493MEDIUMThe issue was addressed with improved checks. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, maEPSS 0.3%CVE-2023-47769LOWWordPress WP Maintenance plugin <= 6.1.3 - IP Filtering Bypass vulnerabilityEPSS 0.3%CVE-2023-49741LOWWordPress Coming soon and Maintenance mode plugin <= 3.7.3 - IP Filtering Bypass vulnerabilityEPSS 0.3%CVE-2025-14327HIGHSpoofing issue in the Downloads Panel componentEPSS 0.3%CVE-2026-54089CRITICALFile Browser: Authentication Bypass via Proxy Auth Header ForgeryEPSS 0.3%CVE-2025-23168MEDIUMThe Versa Director SD-WAN orchestration platform implements Two-Factor Authentication (2FA) using One-Time Passcodes (OTP) delivered via emaEPSS 0.3%CVE-2022-4098HIGHWiesemann & Theis: Multiple products prone to missing authentication through spoofingEPSS 0.3%CVE-2026-55202HIGHTinyproxy - Stathost Detection Bypass via Host Header ManipulationEPSS 0.3%CVE-2024-45453LOWWordPress Maintenance Redirect plugin <= 2.0.1 - IP Bypass vulnerabilityEPSS 0.3%