CWE-294 vulnerabilities

153 results
CVE-2021-38827 [HIGH] Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to account takeover. (EPSS 0.6%)
CVE-2023-29158 [MEDIUM] SUBNET PowerSYSTEM Center Authentication Bypass by Capture-replay (EPSS 0.6%)
CVE-2025-9100 [MEDIUM] zhenfeng13 My-Blog Frontend Blog Article Comment comment authentication replay (EPSS 0.6%)
CVE-2022-29475 [MEDIUM] An information disclosure vulnerability exists in the XFINDER functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9 (EPSS 0.6%)
CVE-2025-30072 [HIGH] Tiiwee X1 Alarm System TWX1HAKV2 allows Authentication Bypass by Capture-replay, leading to physical Access to the protected facilities with (EPSS 0.6%)
CVE-2017-5251 In version 1012 and prior of Insteon's Insteon Hub, the radio transmissions used for communication between the hub and connected devices are (EPSS 0.5%)
CVE-2024-49595 [HIGH] Dell Wyse Management Suite, version WMS 4.4 and before, contain an Authentication Bypass by Capture-replay vulnerability. A high privileged (EPSS 0.5%)
CVE-2022-47930 [MEDIUM] An issue was discovered in IO FinNet tss-lib before 2.0.0. The parameter ssid for defining a session id is not used through the MPC implemen (EPSS 0.5%)
CVE-2022-2780 [HIGH] In affected versions of Octopus Server it is possible to use the Git Connectivity test function on the VCS project to initiate an SMB reques (EPSS 0.5%)
CVE-2020-27269 In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and A (EPSS 0.5%)
CVE-2025-6533 [MEDIUM] xxyopen/201206030 novel-plus CATCHA LoginController.java ajaxLogin authentication replay (EPSS 0.5%)
CVE-2024-39081 [MEDIUM] An issue in SMART TYRE CAR & BIKE v4.2.0 allows attackers to perform a man-in-the-middle attack via Bluetooth communications. (EPSS 0.5%)
CVE-2021-25480 [MEDIUM] A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem prior to SMR Oct-2021 Release 1 can lead t (EPSS 0.5%)
CVE-2026-37982 [MEDIUM] Keycloak: org.keycloak.authentication: keycloak: unauthorized account takeover via webauthn token replay (EPSS 0.4%)
CVE-2023-45794 [MEDIUM] A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.4.0), Mendix Applications using Mendix 7 (All (EPSS 0.4%)
CVE-2022-44555 [HIGH] The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable. (EPSS 0.4%)
CVE-2026-47341 [MEDIUM] Apache APISIX: Session replay issue in hmac-auth (EPSS 0.4%)
CVE-2022-2226 [MEDIUM] An OpenPGP digital signature includes information about the date when the signature was created. When displaying an email that contains a di (EPSS 0.4%)
CVE-2025-65552 [CRITICAL] D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on the 433 MHz sensor communication channel. The system does (EPSS 0.4%)
CVE-2025-46815 [HIGH] ZITADEL Allows IdP Intent Token Reuse (EPSS 0.4%)