CWE-287 flaws

1,825 results
CVE-2023-28121 | An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on beha | EPSS 86.9%
CVE-2022-41678 | Apache ActiveMQ: Insufficient API restrictions on Jolokia allow authenticated users to perform RCE | EPSS 85.8%
CVE-2022-0342 | CRITICAL | An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series fi | EPSS 84.8%
CVE-2023-38096 | CRITICAL | NETGEAR ProSAFE Network Management System MyHandlerInterceptor Authentication Bypass Vulnerability | EPSS 83.0%
CVE-2015-1187 | CRITICAL | The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.c | EPSS 82.9% | KEV
CVE-2023-27351 | HIGH | This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentic | EPSS 78.4% | KEV
CVE-2023-32243 | CRITICAL | WordPress Essential Addons for Elementor Plugin 5.4.0-5.7.1 is vulnerable to Privilege Escalation | EPSS 75.9%
CVE-2019-1937 | CRITICAL | Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Authentication Bypass Vulnerability | EPSS 75.9%
CVE-2024-5806 | CRITICAL | MOVEit Transfer Authentication Bypass Vulnerability | EPSS 75.8%
CVE-2021-41303 | Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass | EPSS 75.6%
CVE-2025-1044 | CRITICAL | Logsign Unified SecOps Platform Authentication Bypass Vulnerability | EPSS 73.3%
CVE-2024-28255 | CRITICAL | Authentication Bypass in OpenMetadata | EPSS 73.3%
CVE-2023-27482 | CRITICAL | homeassistant is an open source home automation tool. A remotely exploitable vulnerability bypassing authentication for accessing the Superv | EPSS 72.0%
CVE-2026-50751 | CRITICAL | User Authentication Bypass in VPN Remote Access and Mobile Access | EPSS 71.1% | KEV
CVE-2020-4427 | CRITICAL | IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when config | EPSS 70.0% | KEV
CVE-2020-26214 | CRITICAL | LDAP authentication bypass in Alerta | EPSS 65.9%
CVE-2023-6329 | CRITICAL | Control iD iDSecure passwordCustom Authentication Bypass | EPSS 65.2%
CVE-2022-44574 | An improper authentication vulnerability exists in Avalanche version 6.3.x and below allows unauthenticated attacker to modify properties on | EPSS 64.8%
CVE-2017-7546 | PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers | EPSS 61.6%
CVE-2015-7755 | CRITICAL | Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before | EPSS 61.4% | KEV