Falhas do tipo CWE-1390
81 resultadosCVE-2024-48886HIGHA weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, ForEPSS 0.5%CVE-2026-6274CRITICALAuthentication Bypass in DTS Electronics' Redline WR3200EPSS 0.5%CVE-2025-50173HIGHWindows Installer Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2026-6886CRITICALBorG Technology Corporation|Borg SPM 2007 - Authentication BypassEPSS 0.5%CVE-2025-63807CRITICALAn issue was discovered in weijiang1994 university-bbs (aka Blogin) in commit 9e06bab430bfc729f27b4284ba7570db3b11ce84 (2025-01-13). A weak EPSS 0.4%CVE-2024-39848CRITICALInternet2 Grouper before 5.6 allows authentication bypass when LDAP authentication is used in certain ways. This is related to internet2.midEPSS 0.4%CVE-2026-0204HIGHA vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be accessible under specific EPSS 0.4%CVE-2023-4094MEDIUMWeak authentication vulnerability in Fujitsu Arconte ÁureaEPSS 0.4%CVE-2025-5484HIGHSinoTrack GPS Receiver Weak AuthenticationEPSS 0.4%CVE-2026-28710HIGHSensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber ProtectEPSS 0.4%CVE-2025-21552MEDIUMVulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards (component: E1 IOT Orchestrator Security). SupporteEPSS 0.4%CVE-2025-29994HIGHImproper Authentication Vulnerability in CAP back office applicationEPSS 0.4%CVE-2024-47397HIGHWeak authentication issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier. If this vEPSS 0.4%CVE-2024-29038MEDIUMtpm2 does not detect if quote was not generated by TPMEPSS 0.4%CVE-2025-30468MEDIUMThis issue was addressed through improved state management. This issue is fixed in iOS 26 and iPadOS 26. Private Browsing tabs may be accessEPSS 0.3%CVE-2025-47479MEDIUMWordPress WP Compress plugin <= 6.30.30 - Broken Authentication VulnerabilityEPSS 0.3%CVE-2026-4924HIGHImproper
authentication in the two-factor authentication (2FA) feature in
Devolutions Server 2026.1.11 and earlier allows a remote attackeEPSS 0.3%CVE-2025-1293HIGHHashiCorp Hermes Improperly Validates AWS ALB JWTs, which May Lead to Authentication BypassEPSS 0.3%CVE-2026-0274HIGHCortex XSOAR: Improper Validation of Credentials in CommvaultSecurityIQ integrationEPSS 0.3%CVE-2026-1693MEDIUMUse of vulnerable Resource Owner Password Credentials flowEPSS 0.3%