Weaknesses of type CWE-287
1,853 resultsCVE-2023-21425MEDIUMImproper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive informaEPSS 0.2%CVE-2023-21437MEDIUMImproper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive informEPSS 0.2%CVE-2025-26475MEDIUMDell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, Enables Live-Restore setting which enhances security by keeping contEPSS 0.1%CVE-2025-22236HIGHCVE-2025-22236 salt advisoryEPSS 0.1%CVE-2023-21484MEDIUMImproper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to executeEPSS 0.1%CVE-2024-24279HIGHAn issue in secdiskapp 1.5.1 (management program for NewQ Fingerprint Encryption Super Speed Flash Disk) allows attackers to gain escalated EPSS 0.1%CVE-2026-40995MEDIUMX.509 authentication bypasses Spring Security account checksEPSS 0.1%CVE-2025-71057HIGHImproper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME_1.00 allows attackers to execute a session hijacking attEPSS 0.1%CVE-2023-21487MEDIUMImproper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call settingEPSS 0.1%CVE-2025-61679HIGHAnyquery Unauthenticated Access Vulnerability Exposes Private Integration DataEPSS 0.1%CVE-2026-55962MEDIUMTLS 1.3 post-handshake authentication: server accepts Finished without client Certificate/CertificateVerifyEPSS 0.1%CVE-2025-20083HIGHImproper authentication in the firmware for the Intel(R) Slim Bootloader may allow a privileged user to potentially enable escalation of priEPSS 0.1%CVE-2026-33248MEDIUMNATS has mTLS verify_and_map authentication bypass via incorrect Subject DN matchingEPSS 0.1%CVE-2026-33246MEDIUMNATS: Leafnode connections allow spoofing of Nats-Request-Info identity headersEPSS 0.1%CVE-2026-1568CRITICALRapid7 InsightVM Signature Validation VulnerabilityEPSS 0.1%CVE-2023-33070HIGHImproper Authentication in Automotive OSEPSS 0.1%CVE-2022-33242HIGHImproper authentication in Qualcomm IPCEPSS 0.1%CVE-2025-65431MEDIUMAn issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferred_username as the identifier for third-partEPSS 0.1%CVE-2026-10548MEDIUMNousResearch hermes-agent Credential Pool Synchronization credential_pool.py _sync_anthropic_entry_from_credentials_file improper authenticationEPSS 0.1%CVE-2026-45289MEDIUMCloudburstMC Protocol: Partially missing validation for FULL type authentication tokensEPSS 0.1%