CWE-294 vulnerabilities

153 results
CVE-2018-14781 | MEDIUM | Medtronic MiniMed MMT-500/MMT-503 Remote Controllers Authentication Bypass by Capture-replay | EPSS 0.7%
CVE-2024-34065 | HIGH | @strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass | EPSS 0.7%
CVE-2022-44457 | CRITICAL | A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions < V1.17.0), Mendix SAML (Mendix 7 compatible) (All ve | EPSS 0.7%
CVE-2022-36089 | HIGH | VelaUX APIServer vulnerable to Authentication Bypass by Capture-replay | EPSS 0.7%
CVE-2022-40621 | WAVLINK Quantum D4G (WN531G3) Pass-The-Hash | EPSS 0.7%
CVE-2023-0014 | CRITICAL | Capture-replay vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform | EPSS 0.7%
CVE-2025-30201 | HIGH | Wazuh NetNTLMv2 Hash Theft In Multiple Centralized Configuration Capabilities | EPSS 0.7%
CVE-2022-38766 | HIGH | The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same Rolling Codes set for each door-open reques | EPSS 0.7%
CVE-2024-12839 | HIGH | Changing Information Technology CGFIDO - Authentication Bypass | EPSS 0.7%
CVE-2018-17935 | All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are reproducible by sniffing and re-transmission. This | EPSS 0.7%
CVE-2024-38438 | CRITICAL | D-Link - CWE-294: Authentication Bypass by Capture-replay | EPSS 0.7%
CVE-2024-29901 | MEDIUM | @workos-inc/authkit-nextjs session replay vulnerability | EPSS 0.7%
CVE-2022-31158 | HIGH | Authentication Bypass by Capture-replay in packbackbooks/lti-1-3-php-library | EPSS 0.6%
CVE-2025-6029 | CRITICAL | KIA-branded Aftermarket Generic Smart Keyless Entry System Replay Attack | EPSS 0.6%
CVE-2023-39547 | CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X Single | EPSS 0.6%
CVE-2023-47435 | CRITICAL | An issue in the verifyPassword function of hexo-theme-matery v2.0.0 allows attackers to bypass authentication and access password protected | EPSS 0.6%
CVE-2025-26201 | CRITICAL | Credential disclosure vulnerability via the /staff route in GreaterWMS <= 2.1.49 allows a remote unauthenticated attackers to bypass authent | EPSS 0.6%
CVE-2024-40715 | HIGH | A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypas | EPSS 0.6%
CVE-2023-41890 | HIGH | Sustainsys.Saml2 Insufficient Identity Provider Issuer Validation | EPSS 0.6%
CVE-2024-45244 | MEDIUM | Hyperledger Fabric through 3.0.0 and 2.5.x through 2.5.9 do not verify that a request has a timestamp within the expected time window. | EPSS 0.6%