CWE-306 Flaws

1,704 results
CVE-2025-34077 | CRITICAL | WordPress Pie Register Plugin ≤ 3.7.1.4 Authentication Bypass RCE | EPSS 9.9%
CVE-2022-26925 | HIGH | Windows LSA Spoofing Vulnerability | EPSS 9.8% | KEV
CVE-2026-8732 | CRITICAL | WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action | EPSS 9.5%
CVE-2024-12106 | CRITICAL | WhatsUp Gold - LDAP configuration interface leading to allowing attacker to configure LDAP settings without authentication | EPSS 9.4%
CVE-2026-34472 | HIGH | Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2_TE and V6.0.10P3N3_TE allows unauthenticated attac | EPSS 8.9%
CVE-2024-24578 | CRITICAL | RaspberryMatic Unauthenticated Remote Code Execution vulnerability through HMServer File Upload | EPSS 8.7%
CVE-2023-27290 | CRITICAL | IBM Observability with Instana missing authentication | EPSS 8.6%
CVE-2026-41179 | CRITICAL | RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution | EPSS 8.4%
CVE-2026-27446 | CRITICAL | Apache Artemis, Apache ActiveMQ Artemis: Auth bypass for Core downstream federation | EPSS 8.3%
CVE-2021-32930 | The affected product’s configuration is vulnerable due to missing authentication, which may allow an attacker to change configurations and e | EPSS 8.1%
CVE-2024-21006 | HIGH | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are | EPSS 7.9%
CVE-2016-9369 | CRITICAL | An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions p | EPSS 7.2%
CVE-2025-52089 | HIGH | A hidden remote support feature protected by a static secret in TOTOLINK N300RB firmware version 8.54 allows an authenticated attacker to ex | EPSS 7.1%
CVE-2025-59246 | CRITICAL | Azure Entra ID Elevation of Privilege Vulnerability | EPSS 6.9%
CVE-2025-24865 | CRITICAL | mySCADA myPRO Manager Missing Authentication for Critical Function | EPSS 6.8%
CVE-2025-34102 | CRITICAL | CryptoLog Unauthenticated RCE via SQL Injection and Command Injection | EPSS 6.8%
CVE-2024-32735 | CRITICAL | CyberPower PowerPanel Enterprise Missing Authentication | EPSS 6.8%
CVE-2023-7308 | HIGH | SecGate3600 Firewall Information Disclosure via authManageSet.cgi | EPSS 6.7%
CVE-2025-34057 | HIGH | Ruijie NBR Router Administrative Credential Disclosure | EPSS 6.4%
CVE-2023-37265 | CRITICAL | Incorrect identification of source IP addresses in CasaOS | EPSS 6.4%