Fallos del tipo CWE-287

1848 resultados
CVE-2025-62169HIGHOctoPrint-SpoolManager Plugin APIs do not enforce authenticationEPSS 0.4%CVE-2026-7630MEDIUMinnocommerce InnoShop Installation Endpoint InstallServiceProvider.php boot improper authenticationEPSS 0.4%CVE-2020-7296MEDIUMWeb Gateway (MWG) - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2020-7297MEDIUMWeb Gateway (MWG) - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2024-38810MEDIUMMissing Authorization When Using @AuthorizeReturnObjectEPSS 0.4%CVE-2023-4242MEDIUMFULL - Customer <= 2.2.3 - Authenticated(Subscriber+) Information Disclosure via Health CheckEPSS 0.4%CVE-2026-21508HIGHWindows Storage Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2021-41503HIGHDCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. The use of the basic authentication for the devices coEPSS 0.4%CVE-2021-44458HIGHLack of websocket authentication in Lens causes remote code execution when visiting a malicious websiteEPSS 0.4%CVE-2024-11087HIGHminiOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) Pro Addon <= 200.3.9 - Authentication BypassEPSS 0.4%CVE-2025-41064CRITICALIncorrect authentication in GTT´s group OpenSIACEPSS 0.4%CVE-2025-64717HIGHZITADEL vulnerable to Account Takeover with deactivated Instance IdPEPSS 0.4%CVE-2026-4959MEDIUMOpenBMB XAgent ShareServer WebSocket Endpoint share.py check_user missing authenticationEPSS 0.4%CVE-2026-0558HIGHUnauthenticated File Upload in parisneo/lollmsEPSS 0.4%CVE-2025-5247MEDIUMGowabby HFish url.go LoadUrl improper authenticationEPSS 0.4%CVE-2023-28540CRITICALImproper Authentication in Data ModemEPSS 0.4%CVE-2025-37106HIGHAn authentication bypass and disclosure of information vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.EPSS 0.4%CVE-2022-46829HIGHIn JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented.EPSS 0.4%CVE-2022-39231LOWParse Server subject to Improper Authentication allowing Auth adapter app ID validation to be circumventedEPSS 0.4%CVE-2026-30949HIGHParse Server is missing audience validation in Keycloak authentication adapterEPSS 0.4%