Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-287 (认证机制不恰当) — Vulnerability Class 1187

1187 vulnerabilities classified as CWE-287 (认证机制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-41999 Arcserve UDP Management Authentication Bypass — Arcserve UDP 9.8 Critical2023-11-27
CVE-2023-6329 Control iD iDSecure passwordCustom Authentication Bypass — iDSecure 9.8 Critical2023-11-27
CVE-2023-48312 Authentication bypass using an empty token in capsule-proxy — capsule-proxy 9.8 Critical2023-11-24
CVE-2023-4677 Unauthenticated Admin Account Takeover Via Cron Log File Backups — Pandora FMS 7.0 High2023-11-23
CVE-2023-6248 Data leakage and arbitrary remote code execution in Syrus cloud devices — Syrus4 IoT Telematics Gateway 10.0 Critical2023-11-21
CVE-2023-48228 OAuth2: PKCE can be fully circumvented — authentik 7.5 High2023-11-21
CVE-2023-44324 ZDI-CAN-21344: Adobe FrameMaker Publishing Server Authentication Bypass Vulnerability — Adobe Framemaker Publishing Server 9.8 Critical2023-11-17
CVE-2023-24852 Improper Authentication in Core — Snapdragon 8.4 High2023-11-07
CVE-2023-39345 Unauthorized Access to Private Fields in User Registration API in strapi — strapi 7.6 High2023-11-06
CVE-2023-40660 Opensc: potential pin bypass when card tracks its own login state 6.6 Medium2023-11-06
CVE-2023-26455 Open-Xchange App Suite 授权问题漏洞 — OX App Suite 5.6 Medium2023-11-02
CVE-2023-46249 authentik potential installation takeover when default admin user is deleted — authentik 9.7 Critical2023-10-31
CVE-2023-44397 CloudExplorer Lite permission bypass vulnerability — CloudExplorer-Lite 7.5 High2023-10-30
CVE-2023-5830 ColumbiaSoft Document Locator WebTools login improper authentication — Document Locator 7.3 High2023-10-27
CVE-2022-3681 Motorola MR2600 授权问题漏洞 — MR2600 Router 6.5 Medium2023-10-27
CVE-2022-34887 Lenovo printers 授权问题漏洞 — Printer GM265DN (production date June 2022 and before) 4.3 Medium2023-10-27
CVE-2023-46290 Rockwell Automation FactoryTalk Services Platform Elevated Privileges Vulnerability — FactoryTalk® Services Platform 8.1 High2023-10-27
CVE-2023-37283 Authentication Bypass via HTML Form & Identifier First Adapter — PingFederate 8.1 High2023-10-25
CVE-2023-38735 IBM Cognos Dashboards improper authentication — Cognos Dashboards on Cloud Pak for Data 5.7 Medium2023-10-22
CVE-2023-41089 Improper Authentication in DEXMA DEXGate — DexGate 8.0 High2023-10-19
CVE-2023-45669 Improper signature counter value handling in webauthn4j-spring-security — webauthn4j-spring-security 4.8 Medium2023-10-16
CVE-2023-4562 Information Disclosure, Information Tampering and Authentication Bypass Vulnerability in MELSEC-F Series main module — MELSEC-F Series FX3U-16MT/ES 9.1 Critical2023-10-13
CVE-2023-44096 Huawei HarmonyOS 安全漏洞 — HarmonyOS 7.5 -2023-10-11
CVE-2023-36724 Windows Power Management Service Information Disclosure Vulnerability — Windows 10 Version 1809 5.5 Medium2023-10-10
CVE-2023-43809 Soft Serve Public Key Authentication Bypass Vulnerability when Keyboard-Interactive SSH Authentication is Enabled — soft-serve 7.5 High2023-10-04
CVE-2023-43805 Nexkey allows users to bypass authentication of Bull dashboard — nexkey 7.5 High2023-10-04
CVE-2023-43793 Misskey allows users to bypass authentication of Bull dashboard — misskey 7.5 High2023-10-04
CVE-2021-3784 Garuda Linux Improper Authorization — Garuda Linux 5.3 Medium2023-10-04
CVE-2023-28540 Improper Authentication in Data Modem — Snapdragon 9.1 Critical2023-10-03
CVE-2023-26150 asyncua 授权问题漏洞 — asyncua 6.5 Medium2023-10-03

Vulnerabilities classified as CWE-287 (认证机制不恰当) represent 1187 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.