Falhas do tipo CWE-305
147 resultadosCVE-2023-27536MEDIUMAn authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connectiEPSS 1.6%CVE-2026-25555CRITICALOpenBullet2 0.3.2 Authentication Bypass via X-Api-Key HeaderEPSS 1.5%CVE-2026-2652HIGHAuthentication Bypass in mlflow/mlflowEPSS 1.5%CVE-2020-15787—A vulnerability has been identified in SIMATIC HMI Unified Comfort Panels (All versions <= V16). Affected devices insufficiently validate auEPSS 1.5%CVE-2020-24683CRITICALAuthentication Bypass in Symphony PlusEPSS 1.4%CVE-2021-21403HIGHAuthentication Bypass by Primary Weakness in github.com/kongchuanhujiao/serverEPSS 1.4%CVE-2020-15077—OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on serveEPSS 1.2%CVE-2024-34077HIGHMantisBT user account takeover in the signup/reset password processEPSS 1.2%CVE-2023-27538HIGHAn authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite theEPSS 1.2%CVE-2021-43175—The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 exposes an API router that accepts a username, password, and action thEPSS 1.2%CVE-2022-4722HIGHAuthentication Bypass by Primary Weakness in ikus060/rdiffwebEPSS 1.1%CVE-2021-26726HIGHRemote code execution in Valmet DNA before Collection 2021EPSS 1.1%CVE-2024-50478CRITICALWordPress 1-Click Login: Passwordless Authentication plugin 1.4.5 - Broken Authentication vulnerabilityEPSS 1.1%CVE-2019-14909CRITICALA vulnerability was found in Keycloak 7.x where the user federation LDAP bind type is none (LDAP anonymous bind), any password, invalid or vEPSS 1.1%CVE-2023-1307CRITICALAuthentication Bypass by Primary Weakness in froxlor/froxlorEPSS 1.1%CVE-2019-14910CRITICALA vulnerability was found in keycloak 7.x, when keycloak is configured with LDAP user federation and StartTLS is used instead of SSL/TLS froEPSS 1.1%CVE-2023-27582CRITICALFull authentication bypass if SASL authorization username is specifiedEPSS 1.0%CVE-2022-0451MEDIUMAuth bypass in Dark SDKEPSS 1.0%CVE-2021-3547—OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unreEPSS 1.0%CVE-2020-14359—A vulnerability was found in all versions of Keycloak Gatekeeper, where on using lower case HTTP headers (via cURL) an attacker can bypass oEPSS 1.0%