Fallos del tipo CWE-287

1853 resultados
CVE-2025-3659CRITICALImproper authentication handling for Digi PortServer TS; Digi One SP, SP IA, IA; Digi One IAPEPSS 0.3%CVE-2024-45036MEDIUMImproper Access Control Vulnerability When Accessing a Maliciously Crafted Tophat LinkEPSS 0.3%CVE-2025-54573MEDIUMCVAT vulnerable to email verification bypass by use of basic authenticationEPSS 0.3%CVE-2025-8964MEDIUMcode-projects Hostel Management System Login hostel_manage.exe improper authenticationEPSS 0.3%CVE-2022-42453MEDIUMHCL BigFix Platform is affected by insufficient warningsEPSS 0.3%CVE-2024-20301MEDIUMA vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical attacker to bypass secondary auEPSS 0.3%CVE-2026-44460HIGHFileRise: TOTP Bypass via Setup Endpoint Disclosing Existing SecretEPSS 0.3%CVE-2022-29838MEDIUMAuthentication issue with the encrypted volumes and auto mount feature in My Cloud devicesEPSS 0.3%CVE-2025-65128HIGHA missing authentication mechanism in the web management API components of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows unautheEPSS 0.3%CVE-2026-44810HIGHMicrosoft Cryptographic Services Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2026-55955MEDIUMApache Tomcat: EncryptInterceptor not protected against replay attacksEPSS 0.3%CVE-2018-25030LOWMirmay Secure Private Browser / File Manager Auto Lock improper authenticationEPSS 0.3%CVE-2025-22477HIGHDell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Authentication vulnerability. An unauthenticated attaEPSS 0.3%CVE-2026-33473MEDIUMVikunja has TOTP Reuse During Validity WindowEPSS 0.3%CVE-2025-0813HIGHCWE-287: Improper Authentication vulnerability exists that could cause an Authentication Bypass when an unauthorized user without permissionEPSS 0.3%CVE-2025-29627MEDIUMAn issue in KeeperChat IOS Application v.5.8.8 allows a physically proximate attacker to escalate privileges via the Biometric AuthenticatioEPSS 0.3%CVE-2026-41720HIGHAuthentication Bypass with Empty Password in Spring LDAPEPSS 0.3%CVE-2026-49202HIGHUnverified Meeting Recording Endpoints & Permissive CORSEPSS 0.3%CVE-2023-43551CRITICALImproper Authentication in Multi-Mode Call ProcessorEPSS 0.3%CVE-2024-27835LOWThis issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical accesEPSS 0.3%