Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-290 (使用欺骗进行的认证绕过) — Vulnerability Class 237

237 vulnerabilities classified as CWE-290 (使用欺骗进行的认证绕过). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-3180 WPGateway <= 3.5 - Unauthenticated Privilege Escalation — WPGateway 9.8 -2025-02-11
CVE-2025-1104 D-Link DHP-W310AV authentication spoofing — DHP-W310AV 7.3 High2025-02-07
CVE-2025-21415 Azure AI Face Service Elevation of Privilege Vulnerability — Azure AI Face Service 9.9 Critical2025-01-29
CVE-2025-24628 WordPress reCaptcha by BestWebSoft Plugin <= 1.78 - Captcha Bypass vulnerability — Google Captcha 9.1 -2025-01-27
CVE-2024-55925 API Security bypass through header manipulation — Xerox Workplace Suite 7.5 High2025-01-23
CVE-2025-24458 JetBrains YouTrack 安全漏洞 — YouTrack 7.1 High2025-01-21
CVE-2024-13061 2100 Technology Electronic Official Document Management System - Authentication Bypass — Official Document Management System 9.8 Critical2024-12-31
CVE-2024-12108 WhatsUp Gold - Public API signing key rotation issue — WhatsUp Gold 9.6 Critical2024-12-31
CVE-2023-41133 WordPress Secure Admin IP plugin <= 2.0 - IP Spoofing vulnerability — Secure Admin IP 5.3 Medium2024-12-13
CVE-2024-50380 Authentication Bypass by Spoofing in Snap One OVRC cloud — OVRC cloud 8.2 -2024-12-02
CVE-2024-36466 Unauthenticated Zabbix frontend takeover when SSO is being used — Zabbix 8.8 High2024-11-28
CVE-2024-8935 Schneider Electric Modicon M340 安全漏洞 — Modicon M340 CPU (part numbers BMXP34*) 7.5 High2024-11-13
CVE-2024-51504 Apache ZooKeeper: Authentication bypass with IP-based authentication in Admin Server — Apache ZooKeeper 9.1AICriticalAI2024-11-07
CVE-2024-20384 Cisco Firepower Threat Defense和Cisco Adaptive Security Appliance 安全漏洞 — Cisco Adaptive Security Appliance (ASA) Software 5.8 Medium2024-10-23
CVE-2024-20299 Cisco Adaptive Security Appliance and Firepower Threat Defense AnyConnect Access Control List Bypass Vulnerability — Cisco Adaptive Security Appliance (ASA) Software 5.8 Medium2024-10-23
CVE-2024-20297 Cisco Adaptive Security Appliance and Firepower Threat Defense AnyConnect Access Control List Bypass Vulnerability — Cisco Adaptive Security Appliance (ASA) Software 5.8 Medium2024-10-23
CVE-2024-10125 Lack of JWT issuer and signer validation — Amazon.ApplicationLoadBalancer.Identity.AspNetCore Middleware 7.5 High2024-10-21
CVE-2024-8901 Lack of JWT issuer and signer validation — AWS ALB Route Directive Adapter For Istio 7.5 High2024-10-21
CVE-2024-45453 WordPress Maintenance Redirect plugin <= 2.0.1 - IP Bypass vulnerability — Maintenance Redirect 3.7 Low2024-09-23
CVE-2024-6678 Authentication Bypass by Spoofing in GitLab — GitLab 9.9 Critical2024-09-12
CVE-2024-44104 Ivanti Workspace Control 安全漏洞 — Workspace Control 8.8 High2024-09-10
CVE-2024-43944 WordPress Maintenance & Coming Soon Redirect Animation plugin <= 2.3.3 - Bypass Vulnerability vulnerability — Maintenance & Coming Soon Redirect Animation 3.7 Low2024-08-29
CVE-2023-48396 Apache SeaTunnel Web: Authentication bypass — Apache SeaTunnel Web 9.8AICriticalAI2024-07-30
CVE-2024-41107 Apache CloudStack: SAML Signature Exclusion — Apache CloudStack 9.8 -2024-07-19
CVE-2023-40356 PingOne MFA Integration Kit MFA bypass — PingOne MFA Integration Kit for PingFederate 5.3AIMediumAI2024-07-09
CVE-2023-40702 PingOne MFA Integration Kit MFA bypass — PingOne MFA Integration Kit for PingFederate 8.1AIHighAI2024-07-09
CVE-2024-37430 WordPress Patreon WordPress plugin <= 1.9.0 - Image Protection Bypass vulnerability — Patreon WordPress 5.3 Medium2024-07-09
CVE-2024-6163 local IP restriction of internal HTTP endpoints — Checkmk 5.3 Medium2024-07-08
CVE-2024-37082 Cloud Foundry 安全漏洞 — haproxy-boshrelease 9.1 Critical2024-07-03
CVE-2024-39350 Synology Camera Firmware 安全漏洞 — Camera Firmware 7.5 High2024-06-28

Vulnerabilities classified as CWE-290 (使用欺骗进行的认证绕过) represent 237 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.