Weaknesses of type CWE-287

1,848 results
CVE-2024-6078HIGHRockwell Automation Authentication Bypass Vulnerability in DataMosaix™EPSS 0.4%CVE-2025-25227HIGH[20250402] - Joomla Core - MFA Authentication BypassEPSS 0.4%CVE-2025-6926HIGHSecurity Authentication Bypass in CentralAuthEPSS 0.4%CVE-2020-3388HIGHCisco SD-WAN vManage Software Command Injection VulnerabilityEPSS 0.4%CVE-2024-23251MEDIUMAn authentication issue was addressed with improved state management. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadEPSS 0.4%CVE-2025-58065MEDIUMFlask App Builder has an Authentication Bypass vulnerability when using non AUTH_DB methodsEPSS 0.4%CVE-2025-30168MEDIUMParse Server has an OAuth login vulnerabilityEPSS 0.4%CVE-2024-5201HIGHDimensions RM - Privilege EscalationEPSS 0.4%CVE-2025-67822CRITICALA vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 (7.3.0.0.50) through 7.8 SP1 (7.8.1.0.14) could allow an uEPSS 0.4%CVE-2025-31271HIGHThis issue was addressed through improved state management. This issue is fixed in macOS Tahoe 26. Incoming FaceTime calls can appear or be EPSS 0.4%CVE-2023-51511MEDIUMWordPress Booster Elite for WooCommerce plugin < 7.1.3 - Authenticated Production Creation/Modification VulnerabilityEPSS 0.4%CVE-2024-30939MEDIUMAn issue discovered in Yealink VP59 Teams Editions with firmware version 91.15.0.118 allows a physically proximate attacker to gain control EPSS 0.4%CVE-2024-2244MEDIUMREST service authentication anomaly with “valid username/no password” credential combination for batch job processing resulting in successfuEPSS 0.4%CVE-2026-50623MEDIUMApache CXF: Authentication Bypass in OAuth2 TokenIntrospectionServiceEPSS 0.4%CVE-2026-48114CRITICALMetacat has an unauthenticated SQL injection vulnerabilityEPSS 0.4%CVE-2025-46572CRITICALpassport-wsfed-saml2 Has SAML Authentication Bypass via Signature WrappingEPSS 0.4%CVE-2022-39019MEDIUMBroken access controls on PDFtron WebviewerUI in M-Files HubshareEPSS 0.4%CVE-2025-3910MEDIUMOrg.keycloak.authentication: two factor authentication bypassEPSS 0.4%CVE-2022-43528MEDIUMUnder certain configurations, an attacker can login to Aruba EdgeConnect Enterprise Orchestrator without supplying a multi-factor authenticaEPSS 0.4%CVE-2022-3156HIGHRockwell Automation Studio 5000 Logix Emulate Vulnerable to a Remote Code Execution VulnerabilityEPSS 0.4%