CWE-287 (Improper Authentication) — Vulnerability Class 1186

1186 vulnerabilities classified as CWE-287 (Improper Authentication). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2024-52968 | Fortinet FortiClient authorization issue vulnerability — FortiClientMac | 5.8 | Medium | 2025-02-11 |
| CVE-2025-1231 | Devolutions Server security vulnerability — Server | 8.8 | - | 2025-02-11 |
| CVE-2025-24032 | PAM-PKCS#11 vulnerable to authentication bypass with default value for `cert_policy` (`none`) — pam_pkcs11 | 8.1 | - | 2025-02-10 |
| CVE-2025-0890 | Zyxel VMG4325-B10A authorization issue vulnerability — VMG4325-B10A firmware | 9.8 | Critical | 2025-02-04 |
| CVE-2024-12510 | LDAP Authentication Sever Pass-back attack — Versalink B400 | 6.7 | Medium | 2025-02-03 |
| CVE-2025-0637 | Inadequate access control in Beta10 — Beta10 | 9.8 | Critical | 2025-01-23 |
| CVE-2025-0604 | Keycloak-ldap-federation: authentication bypass due to missing ldap bind after password reset in keycloak | 5.4 | Medium | 2025-01-22 |
| CVE-2024-36402 | Unauthenticated writes to the media repository allow planting of problematic content in Matrix Media Repo — matrix-media-repo | 5.3 | Medium | 2025-01-16 |
| CVE-2025-22146 | Improper authentication on SAML SSO process allows user impersonation in sentry — sentry | 9.1 | Critical | 2025-01-15 |
| CVE-2024-11322 | CyberPower PowerPanel Business Unauthenticated Restart DoS — PowerPanel Business | 7.5 | High | 2025-01-15 |
| CVE-2024-12919 | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.7 - Authentication Bypass via pms_payment_id — Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | 9.8 | Critical | 2025-01-14 |
| CVE-2025-0070 | Improper Authentication in SAP NetWeaver ABAP Server and ABAP Platform — SAP NetWeaver Application Server for ABAP and ABAP Platform | 9.9 | Critical | 2025-01-14 |
| CVE-2024-42172 | HCL MyXalytics is affected by broken authentication — DRYiCE MyXalytics | 5.3 | Medium | 2025-01-11 |
| CVE-2024-9133 | A user with administrator privileges is able to retrieve authentication tokens — Arista Edge Threat Management | 6.6 | Medium | 2025-01-10 |
| CVE-2024-13309 | Login Disable - Critical - Access bypass - SA-CONTRIB-2024-073 — Login Disable | 8.2 | - | 2025-01-09 |
| CVE-2024-53704 | SonicWALL SSLVPN security vulnerability — SonicOS | 9.8 | - | 2025-01-09 |
| CVE-2024-56445 | Huawei HarmonyOS authorization issue vulnerability — HarmonyOS | 4.3 | Medium | 2025-01-08 |
| CVE-2024-12264 | PayU CommercePro Plugin <= 3.8.3 - Unauthenticated Privilege Escalation — PayU CommercePro Plugin | 9.8 | Critical | 2025-01-07 |
| CVE-2025-21618 | NiceGUI On Air authentication issue — nicegui | 7.5 | High | 2025-01-06 |
| CVE-2024-13111 | Beijing Yunfan Internet Technology Yunfan Learning Examination System JWT Token SysUserControl improper authentication — Yunfan Learning Examination System | 5.6 | Medium | 2025-01-02 |
| CVE-2024-1609 | OPPO Store APP has a WebView component privilege escalation vulnerability. — OPPP Store | 8.8 | - | 2024-12-25 |
| CVE-2023-31279 | Improper Authentication — AirVantage, AirVantage-Capable Devices: All Sierra Wireless devices. | 8.1 | High | 2024-12-20 |
| CVE-2024-56329 | Account Takeover Vulnerability in Social Account Linking in joelbutcher/socialstream — socialstream | - | - | 2024-12-20 |
| CVE-2020-9250 | Micro Focus Vibe cross-site scripting vulnerability — HUAWEI Mate 20 Pro | 3.3 | Low | 2024-12-20 |
| CVE-2024-12287 | Biagiotti Membership <= 1.0.2 - Authentication Bypass via biagiotti_membership_check_facebook_user — Biagiotti Membership | 9.8 | Critical | 2024-12-18 |
| CVE-2024-1610 | OPPO Store app include remote account token hijacking and sensitive information leakage — OPPO Store APP | 8.8 | - | 2024-12-18 |
| CVE-2024-21543 | djoser security vulnerability — djoser | 7.1 | High | 2024-12-13 |
| CVE-2024-55886 | OpenTelemetry Logs source may lack authentication with some custom plugins — data-prepper | 6.9 | Medium | 2024-12-12 |
| CVE-2024-10111 | OAuth Single Sign On – SSO (OAuth Client) <= 6.26.3 - Authentication Bypass — OAuth Single Sign On – SSO (OAuth Client) | 8.1 | High | 2024-12-12 |
| CVE-2024-11015 | Sign In With Google <= 1.8.0 - Authentication Bypass in authenticate_user — Sign In With Google | 9.8 | Critical | 2024-12-12 |

Vulnerabilities classified as CWE-287 (Improper Authentication) represent 1186 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.