Weaknesses of type CWE-302
38 resultsCVE-2024-43441CRITICALApache HugeGraph-Server: Fixed JWT Token(Secret)EPSS 69.7%CVE-2024-4024HIGHAuthentication Bypass by Assumed-Immutable Data in GitLabEPSS 14.9%CVE-2016-9482—PHP FormMail Generator generates PHP code for standard web forms, and the code generated is vulnerable to authentication bypassEPSS 4.7%CVE-2025-29813CRITICALAzure DevOps Elevation of Privilege VulnerabilityEPSS 1.5%CVE-2020-15074—OpenVPN Access Server older than version 2.8.4 and version 2.9.5 generates new user authentication tokens instead of reusing exiting tokens EPSS 1.0%CVE-2024-49056HIGHAirlift.microsoft.com Elevation of Privilege VulnerabilityEPSS 1.0%CVE-2022-3875HIGHClick Studios Passwordstate API authentication bypass by assumed-immutable dataEPSS 1.0%CVE-2023-4669CRITICALAuthentication Bypass in Exagate SYSGuard 3001EPSS 1.0%CVE-2023-4612CRITICALMFA bypass in Apereo CASEPSS 0.9%CVE-2022-22729—CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate the receiving packets. The authentication EPSS 0.9%CVE-2021-1561MEDIUMCisco Secure Email and Web Manager Spam Quarantine Unauthorized Access VulnerabilityEPSS 0.7%CVE-2024-12838HIGHChanging Information Technology CGFIDO - Authentication BypassEPSS 0.7%CVE-2025-47158CRITICALAzure DevOps Server Elevation of Privilege VulnerabilityEPSS 0.7%CVE-2024-56404CRITICALIn One Identity Identity Manager 9.x before 9.3, an insecure direct object reference (IDOR) vulnerability allows privilege escalation. Only EPSS 0.6%CVE-2021-1399MEDIUMCisco Unified Communications Manager Self Care Portal Authorization Bypass VulnerabilityEPSS 0.6%CVE-2023-47127MEDIUMWeak Authentication in Session Handling in typo3/cms-coreEPSS 0.6%CVE-2025-63210CRITICALThe Newtec Celox UHD (models: CELOXA504, CELOXA820) running firmware version celox-21.6.13 is vulnerable to an authentication bypass. An attEPSS 0.5%CVE-2024-3741HIGHElectrolink FM/DAB/TV Transmitter Authentication Bypass by Assumed-Immutable DataEPSS 0.5%CVE-2024-3462MEDIUMAuthorization bypass in Ant Media ServerEPSS 0.5%CVE-2025-24876HIGHAuthentication bypass via authorization code injection in SAP ApprouterEPSS 0.5%