CWE-305 flaws
147 results

CVE-2025-53534 | HIGH | RatPanel can perform remote command execution without authorization | EPSS 0.6%
CVE-2023-4898 | HIGH | Authentication Bypass by Primary Weakness in mintplex-labs/anything-llm | EPSS 0.6%
CVE-2025-41733 | CRITICAL | Possible malfunction credential injection | EPSS 0.6%
CVE-2024-51738 | HIGH | Sunshine improperly enforces pairing protocol request order | EPSS 0.6%
CVE-2025-36386 | CRITICAL | There is a vulnerability in the IBM Maximo Manage application in IBM Maximo Application Suite for Cognos Analytics | EPSS 0.5%
CVE-2023-2959 | HIGH | Authentication Bypass by Primary Weakness in Oliva Expertise | EPSS 0.5%
CVE-2025-31192 | MEDIUM | The issue was addressed with improved checks. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. A website ma | EPSS 0.5%
CVE-2022-40723 | MEDIUM | Configuration-based MFA Bypass in PingID RADIUS PCV. | EPSS 0.5%
CVE-2023-36497 | HIGH | Dover Fueling Solutions MAGLINK LX Web Console Authentication Bypass by Primary Weakness | EPSS 0.5%
CVE-2023-4939 | MEDIUM | SALESmanago <= 3.2.4 - Log Injection via Weak Authentication Token | EPSS 0.5%
CVE-2024-42513 | MEDIUM | Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when | EPSS 0.5%
CVE-2026-40582 | CRITICAL | ChurchCRM: Authentication Bypass in `/api/public/user/login` Allows Bypass of 2FA and Account Lockout | EPSS 0.5%
CVE-2025-53826 | HIGH | FileBrowser Has Insecure JWT Handling Which Allows Session Replay Attacks after Logout | EPSS 0.5%
CVE-2024-12582 | HIGH | Skupper: skupper-cli: flawed authentication method may lead to arbitrary file read or denial of service | EPSS 0.5%
CVE-2024-36388 | CRITICAL | MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function | EPSS 0.5%
CVE-2024-10082 | HIGH | CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication metho | EPSS 0.5%
CVE-2025-4320 | CRITICAL | Information Disclosure in Birebirsoft's Sufirmam | EPSS 0.5%
CVE-2024-12802 | CRITICAL | SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Secur | EPSS 0.5%
CVE-2026-3047 | HIGH | Org.keycloak.broker.saml: keycloak saml broker: authentication bypass due to disabled saml client completing idp-initiated login | EPSS 0.5%
CVE-2020-10123 | — | The currency dispenser of NCR SelfSev ATMs running APTRA XFS 05.01.00 or earlier does not adequately authenticate session key generation req | EPSS 0.4%