Flaws of type CWE-287
1838 results

CVE-2024-57045 | CRITICAL | A vulnerability in the D-Link DIR-859 router with firmware version A3 1.05 and earlier permits unauthorized individuals to bypass the authen | EPSS 32.3%
CVE-2019-1867 | CRITICAL | Cisco Elastic Services Controller REST API Authentication Bypass Vulnerability | EPSS 30.3%
CVE-2025-68926 | CRITICAL | RustFS has a gRPC Hardcoded Token Authentication Bypass | EPSS 29.0%
CVE-2017-11151 | — | A vulnerability in synotheme_upload.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to upload arbitrary | EPSS 25.3%
CVE-2017-9946 | HIGH | A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. An attacker with | EPSS 24.8%
CVE-2024-21899 | CRITICAL | QTS, QuTS hero, QuTScloud | EPSS 24.4%
CVE-2026-45434 | CRITICAL | Apache OFBiz: Authentication Bypass via Password-Change Logic Flaw Leading to RCE | EPSS 22.9%
CVE-2024-6235 | CRITICAL | Sensitive information disclosure | EPSS 21.3%
CVE-2017-3167 | — | In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authent | EPSS 20.2%
CVE-2024-50339 | CRITICAL | GLPI vulnerable to unauthenticated session hijacking | EPSS 19.8%
CVE-2024-24496 | CRITICAL | An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the home.php, add-tracker.php, delete-tracker.php, | EPSS 19.5%
CVE-2025-49001 | HIGH | Dataease Authentication Bypass Vulnerability | EPSS 19.4%
CVE-2016-7836 | CRITICAL | SKYSEA Client View Ver.11.221.03 and earlier allows remote code execution via a flaw in processing authentication on the TCP connection with | EPSS 19.4% | KEV
CVE-2025-55234 | HIGH | Windows SMB Elevation of Privilege Vulnerability | EPSS 18.8%
CVE-2025-54918 | HIGH | Windows NTLM Elevation of Privilege Vulnerability | EPSS 18.7%
CVE-2020-27838 | — | A flaw was found in keycloak in versions prior to 13.0.0. The client registration endpoint allows fetching information about PUBLIC clients | EPSS 17.9%
CVE-2025-58443 | CRITICAL | FOG's authentication bypass leads to full SQL DB dump | EPSS 17.6%
CVE-2024-29849 | CRITICAL | Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface. | EPSS 16.7%
CVE-2018-1163 | — | This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Quest NetVault Backup 11.2.0.13. The spec | EPSS 16.3%
CVE-2023-22501 | CRITICAL | An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate ano | EPSS 16.0%