Weaknesses of type CWE-287
1,847 resultsCVE-2025-47889CRITICALIn Jenkins WSO2 Oauth Plugin 1.0 and earlier, authentication claims are accepted without validation by the "WSO2 Oauth" security realm, alloEPSS 0.6%CVE-2025-52856CRITICALVioStorEPSS 0.6%CVE-2023-44397HIGHCloudExplorer Lite permission bypass vulnerabilityEPSS 0.6%CVE-2026-12773MEDIUMBerriAI litellm MCP Proxy user_api_key_auth_mcp.py UserAPIKeyAuth improper authenticationEPSS 0.6%CVE-2026-8979CRITICALAuthentication BypassEPSS 0.6%CVE-2022-35726MEDIUMWordPress Video Gallery plugin <= 1.3.4.5 - Broken Authentication vulnerabilityEPSS 0.6%CVE-2026-42041MEDIUMAxios: Authentication Bypass via Prototype Pollution Gadget in `validateStatus` Merge StrategyEPSS 0.6%CVE-2022-38180MEDIUMIn JetBrains Ktor before 2.1.0 the wrong authentication provider could be selected in some casesEPSS 0.6%CVE-2024-9946HIGHSocial Share, Social Login and Social Comments Plugin – Super Socializer <= 7.13.68 - Authentication Bypass via Disqus OAuth providerEPSS 0.6%CVE-2023-51717CRITICALDataiku DSS before 11.4.5 and 12.4.1 has Incorrect Access Control that could lead to a full authentication bypass.EPSS 0.6%CVE-2023-49791MEDIUMWorkflows do not require password confirmation on API levelEPSS 0.6%CVE-2019-15617—A missing check in Nextcloud Server 17.0.0 allowed an attacker to set up a new second factor when trying to login.EPSS 0.6%CVE-2025-4494MEDIUMJAdmin-JAVA JAdmin Admin Backend NoNeedLoginController.java toLogin improper authenticationEPSS 0.6%CVE-2025-14703MEDIUMShiguangwu sgwbox N3 POST Message fsnotify improper authenticationEPSS 0.6%CVE-2024-11209MEDIUMApereo CAS 2FA login improper authenticationEPSS 0.6%CVE-2023-3597MEDIUMKeycloak: secondary factor bypass in step-up authenticationEPSS 0.6%CVE-2025-4019MEDIUM20120630 Novel-Plus GeneratorController.java genCode missing authenticationEPSS 0.6%CVE-2022-31131MEDIUMOwnership check missing when updating or deleting mail attachments in Nextcloud mailEPSS 0.6%CVE-2024-45113HIGHColdFusion | Improper Authentication (CWE-287)EPSS 0.6%CVE-2022-4041MEDIUMPrivilege Escalation Vulnerability in Hitachi Storage Plug-in for VMware vCenterEPSS 0.6%