Weaknesses of type CWE-305
147 resultsCVE-2025-31161CRITICALCrushFTP 10 before 10.8.4 and 11 before 11.3.1 allows authentication bypass and takeover of the crushadmin account (unless a DMZ proxy instaEPSS 100.0%KEVCVE-2020-10923MEDIUMThis vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 rEPSS 84.7%CVE-2023-28126MEDIUMAn authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to gain access by exploitinEPSS 66.7%CVE-2023-34124CRITICALThe authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issueEPSS 40.9%CVE-2024-37085MEDIUMVMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain fuEPSS 26.8%KEVCVE-2025-32011CRITICALKUNBUS Revolution Pi Authentication Bypass by Primary WeaknessEPSS 21.8%CVE-2024-20674HIGHWindows Kerberos Security Feature Bypass VulnerabilityEPSS 17.2%CVE-2021-26102CRITICALA relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticated EPSS 16.4%CVE-2023-0777HIGHAuthentication Bypass by Primary Weakness in modoboa/modoboaEPSS 15.1%CVE-2022-2651CRITICALAuthentication Bypass by Primary Weakness in bookwyrm-social/bookwyrmEPSS 11.4%CVE-2025-13915CRITICALAuthentication bypass in IBM API ConnectEPSS 8.7%CVE-2026-4670CRITICALImproper Authentication vulnerability in Progress MOVEit AutomationEPSS 5.6%CVE-2020-15078—OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured EPSS 5.1%CVE-2022-0547CRITICALOpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes uEPSS 3.5%CVE-2024-1403CRITICALAuthentication Bypass in OpenEdge Authentication Gateway and AdminServerEPSS 3.3%CVE-2019-3878HIGHA vulnerability was found in mod_auth_mellon before v0.14.2. If Apache is configured as a reverse proxy and mod_auth_mellon is configured toEPSS 3.0%CVE-2021-3850CRITICALAuthentication Bypass by Primary Weakness in adodb/adodbEPSS 2.2%CVE-2020-11012CRITICALAuthentication bypass MinIO Admin APIEPSS 2.1%CVE-2019-14833MEDIUMA flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user EPSS 2.1%CVE-2023-27535MEDIUMAn authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials beiEPSS 1.6%