Weaknesses of type CWE-324
19 resultsCVE-2022-35401CRITICALAn authentication bypass vulnerability exists in the get_IFTTTTtoken.cgi functionality of Asus RT-AX82U 3.0.0.4.386_49674-ge182230. A speciaEPSS 20.8%CVE-2024-36031CRITICALkeys: Fix overwrite of key expiration on instantiationEPSS 0.7%CVE-2019-3790MEDIUMOps Manager uaa client issues tokens after refresh token expirationEPSS 0.7%CVE-2021-33020HIGHPhilips Vue PACS Use of a Key Past its Expiration DateEPSS 0.6%CVE-2022-2447—A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token shouEPSS 0.6%CVE-2024-7318MEDIUMKeycloak-core: one time passcode (otp) is valid longer than expiration timeseverityEPSS 0.4%CVE-2022-24732MEDIUMMaddy Mail Server does not implement account expiryEPSS 0.4%CVE-2025-31123HIGHZitadel Expired JWT Keys Usable for Authorization GrantsEPSS 0.4%CVE-2025-2291HIGHPgBouncer default auth_query does not take Postgres password expiry into accountEPSS 0.3%CVE-2024-31895MEDIUMIBM App Connect Enterprise information disclosureEPSS 0.3%CVE-2024-31893MEDIUMIBM App Connect Enterprise information disclosureEPSS 0.3%CVE-2024-31894MEDIUMIBM App Connect Enterprise information disclosureEPSS 0.3%CVE-2024-25679MEDIUMIn PQUIC before 5bde5bb, retention of unused initial encryption keys allows attackers to disrupt a connection with a PSK configuration by seEPSS 0.3%CVE-2024-38277MEDIUMmoodle: QR login key and auto-login key for the Moodle mobile app should be generated as separate keysEPSS 0.2%CVE-2025-48813MEDIUMVirtual Secure Mode Spoofing VulnerabilityEPSS 0.2%CVE-2025-13723MEDIUMIBM Sterling Partner Engagement Manager Information DisclosureEPSS 0.2%CVE-2024-6299MEDIUMUse of a Key Past its Expiration Date in ConduitEPSS 0.2%CVE-2025-33012MEDIUMIBM Db2 improper account lockoutEPSS 0.1%CVE-2023-5342MEDIUMShim: expired secure boot certificateEPSS 0.1%