CWE-287 (Improper Authentication) — Vulnerability Class 1185

1185 vulnerabilities classified as CWE-287 (Improper Authentication). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-52856 | VioStor — VioStor | 9.8 | - | 2025-08-29 |
| CVE-2025-7955 | RingCentral Communications 1.5 - 1.6.8 - Missing Server‑Side Verification to Authentication Bypass via ringcentral_admin_login_2fa_verify Function — RingCentral Communications Plugin – FREE | 9.8 | Critical | 2025-08-28 |
| CVE-2025-9533 | TOTOLINK T10 formLoginAuth.htm improper authentication — T10 | 7.3 | High | 2025-08-27 |
| CVE-2025-55293 | Meshtastic allows crafting of specific NodeInfo packets that overwrite any publicKey saved in the NodeDB — firmware | 9.4 | Critical | 2025-08-18 |
| CVE-2025-8964 | code-projects Hostel Management System Login hostel_manage.exe improper authentication — Hostel Management System | 5.3 | Medium | 2025-08-14 |
| CVE-2025-55171 | WeGIA Anonymous Attacker can Delete Arbitrary Image file at endpoint `/html/personalizacao_remover.php` — WeGIA | 7.5 | High | 2025-08-12 |
| CVE-2025-55169 | WeGIA Path Traversal at endpoint 'html/socio/sistema/download_remessa.php' via parameter 'file' — WeGIA | 7.5 (AI) | High (AI) | 2025-08-12 |
| CVE-2025-53793 | Azure Stack Hub Information Disclosure Vulnerability — Azure Stack Hub 2406 | 7.5 | High | 2025-08-12 |
| CVE-2025-53778 | Windows NTLM Elevation of Privilege Vulnerability — Windows 10 Version 1507 | 8.8 | High | 2025-08-12 |
| CVE-2025-8838 | WinterChenS my-site Backend admin preHandle improper authentication — my-site | 7.3 | High | 2025-08-11 |
| CVE-2025-54888 | @fedify/fedify: Improper Authentication and Incorrect Authorization — fedify | 9.8 | - | 2025-08-09 |
| CVE-2025-53786 | Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability — Microsoft Exchange Server 2016 Cumulative Update 23 | 8.0 | High | 2025-08-06 |
| CVE-2025-8348 | Kehua Charging Pile Cloud Platform home improper authentication — Charging Pile Cloud Platform | 7.3 | High | 2025-07-31 |
| CVE-2025-54573 | CVAT vulnerable to email verification bypass by use of basic authentication — cvat | 4.3 | Medium | 2025-07-30 |
| CVE-2025-54419 | Node-SAML Contains SAML Signature Verification Vulnerability — node-saml | 10.0 | Critical | 2025-07-28 |
| CVE-2025-0249 | HCL IEM is affected by an improper invalidation of access or JWT token vulnerability — IEM | 3.3 | Low | 2025-07-24 |
| CVE-2024-12310 | Bypass of Login Screen on Shared Kiosk Workstations — Enterprise Access Management | 6.8 | - | 2025-07-23 |
| CVE-2025-54452 | SAMSUNG MagicINFO 9 Server security vulnerability — MagicINFO 9 Server | 7.3 | High | 2025-07-23 |
| CVE-2025-41459 | Insecure authentication due to missing bruteforce protection and runtime manipulation in Two App Studio Journey 5.5.6 for iOS — Journey | 7.8 | High | 2025-07-21 |
| CVE-2024-6107 | Canonical MAAS security vulnerability — MAAS | 9.6 | Critical | 2025-07-21 |
| CVE-2025-53771 | Microsoft SharePoint Server Spoofing Vulnerability — Microsoft SharePoint Enterprise Server 2016 | 6.5 | Medium | 2025-07-20 |
| CVE-2025-7875 | Metasoft 美特软件 MetaCRM debug.jsp improper authentication — MetaCRM | 7.3 | High | 2025-07-20 |
| CVE-2025-7699 | An improper access control vulnerability was found in the EZ Sync Manager of ADM — ADM | 6.5 (AI) | Medium (AI) | 2025-07-16 |
| CVE-2025-7703 | TECNO tech.palm.id security vulnerability — tech.palm.id | 7.5 (AI) | High (AI) | 2025-07-16 |
| CVE-2025-49831 | Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) vulnerable to IAM Authenticator Bypass via Mis-configured Network Device — conjur | 9.3 (AI) | Critical (AI) | 2025-07-15 |
| CVE-2025-53889 | Directus missing permission checks for manual trigger Flows — directus | 6.5 | Medium | 2025-07-14 |
| CVE-2025-7574 | LB-LINK BL-WR9000 Web Interface lighttpd.cgi restore improper authentication — BL-AC1900 | 9.8 | Critical | 2025-07-14 |
| CVE-2025-49812 | Apache HTTP Server: mod_ssl TLS upgrade attack — Apache HTTP Server | 7.4 (AI) | High (AI) | 2025-07-10 |
| CVE-2025-49706 | Microsoft SharePoint Server Spoofing Vulnerability — Microsoft SharePoint Enterprise Server 2016 | 6.5 | Medium | 2025-07-08 |
| CVE-2025-53545 | Press has a potential 2FA bypass — press | 9.8 (AI) | Critical (AI) | 2025-07-08 |

1185 CVEs are classified as CWE-287 (Improper Authentication). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.