Falhas do tipo CWE-640
169 resultadosCVE-2023-7028CRITICALWeak Password Recovery Mechanism for Forgotten Password in GitLabEPSS 95.0%KEVCVE-2025-6216CRITICALAllegra calculateTokenExpDate Password Recovery Authentication Bypass VulnerabilityEPSS 29.4%CVE-2025-47646CRITICALWordPress PSW Front-end Login & Registration plugin <= 1.13 - Broken Authentication VulnerabilityEPSS 21.7%CVE-2021-22763CRITICALA CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EPSS 1.8%CVE-2018-16529—A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the intendedEPSS 1.6%CVE-2021-22731—Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior wEPSS 1.4%CVE-2022-29174HIGHPredictable password reset token may lead to account takeover in countly-serverEPSS 1.3%CVE-2024-8878CRITICALUnauthenticated Password ResetEPSS 1.3%CVE-2022-0777HIGHWeak Password Recovery Mechanism for Forgotten Password in microweber/microweberEPSS 1.2%CVE-2022-44004CRITICALAn issue was discovered in BACKCLICK Professional 5.9.63. Due to insecure design or lack of authentication, unauthenticated attackers can coEPSS 1.2%CVE-2023-30466CRITICALAuthentication Bypass Vulnerability in Milesight Network Video Recorder (NVR)EPSS 1.1%CVE-2019-6560—In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro (Android App), the software contains a EPSS 1.1%CVE-2026-7554MEDIUMD-Link M60 httpd password recoveryEPSS 1.1%CVE-2021-25957HIGHAccount Takeover in "Dolibarr" via Password Reset FunctionalityEPSS 1.1%CVE-2023-3007MEDIUMningzichun Student Management System Password Reset resetPassword.php password recoveryEPSS 1.0%CVE-2022-22691MEDIUMUmbraco Password Reset URL PoisonEPSS 1.0%CVE-2025-41251HIGHWeak password recovery vulnerabilityEPSS 1.0%CVE-2021-36804MEDIUMAkaunting Password Reset RelayEPSS 1.0%CVE-2023-49589HIGHAn insufficient entropy vulnerability exists in the userRecoverPass.php recoverPass generation functionality of WWBN AVideo dev master commiEPSS 0.9%CVE-2022-3485CRITICALWeak Password Recovery in ifm moneo applianceEPSS 0.9%