Falhas do tipo CWE-305
147 resultadosCVE-2026-33496HIGHOry Oathkeeper has an authentication bypass by cache key confusionEPSS 0.3%CVE-2025-30428MEDIUMThis issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6. Photos in the HiEPSS 0.3%CVE-2025-27371MEDIUMIn certain IETF OAuth 2.0-related specifications, when the JSON Web Token Profile for OAuth 2.0 Client Authentication mechanism is used, theEPSS 0.3%CVE-2025-27370MEDIUMOpenID Connect Core through 1.0 errata set 2 allows audience injection in certain situations. When the private_key_jwt authentication mechanEPSS 0.3%CVE-2025-52996LOWFile Browser's Password Protection of Links Vulnerable to BypassEPSS 0.3%CVE-2026-1290MEDIUM[PI141230] Fixed A broken access control issue.EPSS 0.3%CVE-2025-23017MEDIUMWorkOS Hosted AuthKit before 2025-01-07 allows a password authentication MFA bypass (by enrolling a new authentication factor) when the attaEPSS 0.3%CVE-2025-41450HIGHAuthentication bypass with privileged access in Danfoss AK-SM 8xxA Series prior to version 4.2EPSS 0.3%CVE-2026-3784MEDIUMwrong proxy connection reuse with credentialsEPSS 0.3%CVE-2026-20152MEDIUMCisco Secure Web Appliance Authentication Service Traffic Bypass VulnerabilityEPSS 0.3%CVE-2025-47776HIGHMantisBT: Authentication bypass for some passwords due to PHP type jugglingEPSS 0.3%CVE-2025-4658CRITICALAuthentication Bypass in OPKSSHEPSS 0.3%CVE-2019-0042MEDIUMIncorrect messages from Juniper Identity Management Service (JIMS) can trigger Denial of Service or firewall bypass conditions for SRX series devicesEPSS 0.3%CVE-2024-49587CRITICALGlutton V1 endpoints missing authenticationEPSS 0.3%CVE-2024-9683MEDIUMQuay: quay allows successful authentication with trucated version of the passwordEPSS 0.3%CVE-2020-10126—NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate softare updates for the bunch note acceptor (BNA), enabling an attackeEPSS 0.3%CVE-2025-59980MEDIUMJunos OS: When a user with the name ftp or anonymous is configured unauthenticated filesystem access is allowedEPSS 0.3%CVE-2024-4784MEDIUMAuthentication Bypass by Primary Weakness in GitLabEPSS 0.3%CVE-2026-1965MEDIUMbad reuse of HTTP Negotiate connectionEPSS 0.3%CVE-2025-1880LOWi-Drive i11/i12 Device Pairing authentication bypassEPSS 0.2%