Falhas do tipo CWE-306
1.719 resultadosCVE-2021-20262—A flaw was found in Keycloak 12.0.0 where re-authentication does not occur while updating the password. This flaw allows an attacker to takeEPSS 0.3%CVE-2025-63435MEDIUMXtooltech Xtool AnyScan Android Application 4.40.40 is Missing Authentication for Critical Function. The server-side endpoint responsible foEPSS 0.3%CVE-2025-53789HIGHWindows StateRepository API Server file Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2021-34983MEDIUMNETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure VulnerabilityEPSS 0.3%CVE-2022-27495MEDIUMOn all versions 1.3.x (fixed in 1.4.0) NGINX Service Mesh control plane endpoints are exposed to the cluster overlay network. Note: SoftwareEPSS 0.3%CVE-2020-25697—A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker tEPSS 0.3%CVE-2026-12199HIGHUnauthenticated Denial of Service in nltk.app.wordnet_appEPSS 0.3%CVE-2026-4582LOWShenzhen HCC Technology MPOS M6 PLUS Bluetooth missing authenticationEPSS 0.3%CVE-2024-41968MEDIUMWAGO: Docker Settings Manipulation in Multiple DevicesEPSS 0.3%CVE-2025-52551CRITICALProprietary protocol allows for unauthenticated file operationsEPSS 0.3%CVE-2026-44328HIGHfree5GC: SMF UPI DELETE /upi/v1/upNodesLinks/{ref} panics on AN-node deletion via nil UPF dereference; unauthenticated, state-mutatingEPSS 0.3%CVE-2026-27471CRITICALERP: Document access through endpoints due to missing validationEPSS 0.3%CVE-2022-48496—Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause maEPSS 0.3%CVE-2022-48494—Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause maEPSS 0.3%CVE-2026-49357HIGHStreamable HTTP mode exposes LINE Desktop read/send tools without MCP authenticationEPSS 0.3%CVE-2025-3319HIGHIBM Spectrum Protect Server authentication bypassEPSS 0.3%CVE-2021-47710HIGHCOMMAX Smart Home Ruvie CCTV Bridge DVR Service RTSP Credentials DisclosureEPSS 0.3%CVE-2021-47709HIGHCOMMAX Smart Home Ruvie CCTV Bridge DVR Service Config Write / DoSEPSS 0.3%CVE-2026-7844MEDIUMchatchat-space Langchain-Chatchat Compatible File Service openai_routes.py delete_file missing authenticationEPSS 0.3%CVE-2026-56321MEDIUMCapgo - Missing Authentication Middleware on GET /private/role_bindings EndpointEPSS 0.3%