Fallos del tipo CWE-287

1849 resultados
CVE-2023-35901LOWIBM Robotic Process Automation security bypassEPSS 0.4%CVE-2026-8031MEDIUMPicoTronica e-Clinic Healthcare System ECHS API Endpoint patient-records missing authenticationEPSS 0.4%CVE-2018-10597IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) REPSS 0.4%CVE-2018-1106An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signeEPSS 0.4%CVE-2026-40964HIGHAuthentication Bypass in cf-auth-proxy in Cloud Foundry Foundation all installations allows an unauthenticated remote attacker to gain read EPSS 0.4%CVE-2025-27422HIGHFACTION Allows Authentication Bypass via User CreationEPSS 0.4%CVE-2026-40165HIGHauthentik: SAML NameID XML Comment Injection Enables Authentication Bypass via Identifier TruncationEPSS 0.4%CVE-2026-27856HIGHDoveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An attacker can use this to determineEPSS 0.4%CVE-2026-41076HIGHRT: LDAP authentication bypass via empty passwordEPSS 0.4%CVE-2026-50559HIGHAuthentication/Authorization Bypass via Advanced Path Normalization VulnerabilitiesEPSS 0.4%CVE-2026-8216MEDIUMIndustrial Application Software IAS Canias ERP Java RMI Session Management iasServerRemoteInterface.doAction improper authenticationEPSS 0.4%CVE-2026-6129MEDIUMzhayujie chatgpt-on-wechat CowAgent Agent Mode Service missing authenticationEPSS 0.4%CVE-2026-6582MEDIUMTransformerOptimus SuperAGI Vector Database Management Endpoint vector_dbs.py get_vector_db_details missing authenticationEPSS 0.4%CVE-2025-15456MEDIUMbg5sbk MiniCMS Publish page-edit.php improper authenticationEPSS 0.4%CVE-2026-6577MEDIUMliangliangyy DjangoBlog logtracks Endpoint views.py missing authenticationEPSS 0.4%CVE-2026-5000MEDIUMPromtEngineer localGPT API Endpoint server.py LocalGPTHandler missing authenticationEPSS 0.4%CVE-2026-8994HIGHLogin with NEAR <= 0.3.3 - Authentication Bypass via 'account' ParameterEPSS 0.4%CVE-2025-54452HIGHImproper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 EPSS 0.4%CVE-2020-7294MEDIUMWeb Gateway (MWG) - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2019-13531MEDIUMMedtronic Valleylab FT10 and LS10 Improper AuthenticationEPSS 0.4%