Falhas do tipo CWE-303
86 resultadosCVE-2024-3046HIGHIn Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4.1, a specifically crafted request to the servlet can allow an unautheEPSS 0.6%CVE-2024-35190MEDIUMAsterisk' res_pjsip_endpoint_identifier_ip: wrongly matches ALL unauthorized SIP requestsEPSS 0.6%CVE-2022-4861MEDIUMIncorrect Implementation of Authentication AlgorithmEPSS 0.5%CVE-2026-0073HIGHIn adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. ThisEPSS 0.5%CVE-2025-61783MEDIUMPython Social Auth - Django has unsafe account associationEPSS 0.5%CVE-2023-31211HIGHDisabled automation users could still authenticateEPSS 0.5%CVE-2026-43640HIGHBitwarden Server < 2026.4.1 Authentication Bypass via SCIM API KeyEPSS 0.5%CVE-2024-25157MEDIUMAuthentication bypass in GoAnywhere MFT prior to 7.6.0EPSS 0.5%CVE-2025-63210CRITICALThe Newtec Celox UHD (models: CELOXA504, CELOXA820) running firmware version celox-21.6.13 is vulnerable to an authentication bypass. An attEPSS 0.5%CVE-2026-29515CRITICALMiCode FileExplorer SwiFTP Server Authentication BypassEPSS 0.5%CVE-2023-39953MEDIUMIssuer not verified from obtained token in user_oidcEPSS 0.4%CVE-2025-23046MEDIUMGLPI vulnerable to unauthorized authentication by email using the OAuthIMAP pluginEPSS 0.4%CVE-2024-9999MEDIUMMulti-Factor Authentication Bypass in Progress WS_FTP ServerEPSS 0.4%CVE-2024-8642MEDIUMEclipse EDC: Consumer pull transfer token validation checks not appliedEPSS 0.4%CVE-2025-14510CRITICALABB Ability OPTIMAX Authentication Bypass in Single-Sign OnEPSS 0.4%CVE-2026-33190HIGHCoreDNS TSIG authentication bypass on encrypted DNS transportsEPSS 0.4%CVE-2023-4860CRITICALInappropriate implementation in Skia in Google Chrome prior to 115.0.5790.98 allowed a remote attacker who had compromised the renderer procEPSS 0.4%CVE-2024-10214LOWIncorrect Session Creation with Desktop SSOEPSS 0.4%CVE-2024-41829LOWIn JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connectionEPSS 0.3%CVE-2026-46389CRITICALUDS Identity Config has a client authentication bypass in `ClientIdAndKubernetesSecretAuthenticator`EPSS 0.3%