Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-287 (认证机制不恰当) — Vulnerability Class 1187

1187 vulnerabilities classified as CWE-287 (认证机制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-21695 Improper Access Control in Onionshare — onionshare 4.3 Medium2022-01-18
CVE-2021-25036 All In One SEO < 4.1.5.3 - Authenticated Privilege Escalation — All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic 8.8 -2022-01-17
CVE-2021-34993 Commvault CommCell 授权问题漏洞 — CommCell 9.8 -2022-01-13
CVE-2022-21684 User can bypass approval when invited to Discourse — discourse 4.3 Medium2022-01-13
CVE-2022-22990 Limited authentication bypass vulnerability on Western Digital My Cloud devices — My Cloud 7.8 High2022-01-13
CVE-2021-43999 Improper validation of SAML responses — Apache Guacamole 8.8 -2022-01-11
CVE-2021-44458 Lack of websocket authentication in Lens causes remote code execution when visiting a malicious website — Lens 8.3 High2022-01-10
CVE-2022-22289 Samsung S Assistant 授权问题漏洞 — S Assistant 5.3 Medium2022-01-07
CVE-2022-22283 Samsung Health 代码问题漏洞 — Samsung Health 2.8 Low2022-01-07
CVE-2022-22284 Samsung Internet 授权问题漏洞 — Samsung Internet 5.7 Medium2022-01-07
CVE-2021-45917 SUN & MOON RISE CO., LTD. Shockwall - Improper Authentication — Shockwall 8.0 High2022-01-03
CVE-2021-38688 Improper Authentication in Qfile — Qfile 7.1 High2021-12-29
CVE-2021-27451 Mesa Labs AmegaView improper authentication — AmegaView 7.3 High2021-12-21
CVE-2021-40851 TCMAN GIM SQL injection vulnerability — GIM 7.5 High2021-12-17
CVE-2021-43834 Incorrect Authentication in elabftw — elabftw 9.1 Critical2021-12-15
CVE-2021-43833 Account takeover in eLabFTW — elabftw 8.1 High2021-12-15
CVE-2021-4073 RegistrationMagic <= 5.0.1.7 Authentication Bypass — RegistrationMagic 9.8 Critical2021-12-14
CVE-2021-41265 Improper Authentication in Flask-AppBuilder — Flask-AppBuilder 8.1 High2021-12-09
CVE-2021-41311 Atlassian Jira 授权问题漏洞 — Jira Server 4.9 -2021-12-08
CVE-2021-41309 Atlassian Jira授权问题漏洞 — Jira Server 4.3 -2021-12-08
CVE-2021-43786 API token verification can be bypassed — NodeBB 9.8 Critical2021-11-29
CVE-2021-38686 Improper Authentication Vulnerability in VioStor — QVR 8.8 High2021-11-26
CVE-2021-36306 Dell Networking OS10 授权问题漏洞 — Networking OS 8.1 High2021-11-20
CVE-2021-37580 Apache ShenYu Admin bypass JWT authentication — Apache ShenYu Admin 9.8 -2021-11-16
CVE-2021-3519 ThinkStation 授权问题漏洞 — Desktop BIOS 6.4 Medium2021-11-12
CVE-2021-24647 Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login — Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes 8.1 -2021-11-08
CVE-2021-25506 Samsung Health 授权问题漏洞 — Samsung Health 4.0 Medium2021-11-05
CVE-2021-25505 Samsung Pass 授权问题漏洞 — Samsung Pass 3.3 Low2021-11-05
CVE-2021-38161 Not validating origin TLS certificate — Apache Traffic Server 7.7 -2021-11-03
CVE-2021-41312 Atlassian Jira 授权问题漏洞 — Jira Server 6.5 -2021-11-03

Vulnerabilities classified as CWE-287 (认证机制不恰当) represent 1187 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.