Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-303 (认证算法的不正确实现) — Vulnerability Class 67

67 vulnerabilities classified as CWE-303 (认证算法的不正确实现). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-25157 Authentication bypass in GoAnywhere MFT prior to 7.6.0 — GoAnywhere MFT 6.5 Medium2024-08-14
CVE-2024-41829 JetBrains TeamCity 安全漏洞 — TeamCity 3.5 Low2024-07-22
CVE-2024-5658 CraftCMS Plugin - Two-Factor Authentication - TOTP Token Stays Valid After Use — CraftCMS Plugin - Two-Factor Authentication 4.8 Medium2024-06-06
CVE-2024-4332 Improper Authentication in Tripwire Enterprise 9.1.0 APIs — Tripwire Enterprise 8.1AIHighAI2024-06-03
CVE-2024-4985 GitHub Enterprise Server 安全漏洞 — Enterprise Server 9.8AICriticalAI2024-05-20
CVE-2024-35190 Asterisk' res_pjsip_endpoint_identifier_ip: wrongly matches ALL unauthorized SIP requests — asterisk 5.8 Medium2024-05-17
CVE-2023-44420 D-Link DIR-X3260 prog.cgi Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability — DIR-X3260 8.8 -2024-05-03
CVE-2023-34282 D-Link DIR-2150 HNAP Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability — DIR-2150 8.8 -2024-05-03
CVE-2023-34274 D-Link DIR-2150 LoginPassword Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability — DIR-2150 8.8 -2024-05-03
CVE-2023-32152 D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability — DIR-2640 8.8 -2024-05-03
CVE-2023-32148 D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability — DIR-2640 8.8 -2024-05-03
CVE-2024-26248 Windows Kerberos Elevation of Privilege Vulnerability — Windows 10 Version 1809 7.5 High2024-04-09
CVE-2024-3046 Eclipse Kura 安全漏洞 — Kura 7.5 High2024-04-09
CVE-2023-31211 Disabled automation users could still authenticate — Checkmk 8.8 High2024-01-12
CVE-2023-4641 Shadow-utils: possible password leak during passwd(1) change 4.7 Medium2023-12-27
CVE-2023-5627 Incorrect Implementation of Authentication Algorithm Vulnerability — NPort 6000 Series 7.5 High2023-11-01
CVE-2023-39953 Issuer not verified from obtained token in user_oidc — security-advisories 4.8 Medium2023-08-10
CVE-2023-3326 Network authentication attack via pam_krb5 — FreeBSD 9.8 -2023-06-22
CVE-2023-29357 Microsoft SharePoint Server Elevation of Privilege Vulnerability — Microsoft SharePoint Server 2019 9.8 Critical2023-06-13
CVE-2023-29129 Siemens Mendix SAML Module 授权问题漏洞 — Mendix SAML (Mendix 7 compatible) 9.1 Critical2023-06-13
CVE-2022-41985 Weston Embedded uC-FTPs 授权问题漏洞 — uC-FTPs 8.6 High2023-05-10
CVE-2022-43635 TP-LINK TL-WR940N 安全漏洞 — TL-WR940N 6.5 -2023-03-29
CVE-2023-25957 Siemens Mendix SAML Module 授权问题漏洞 — Mendix SAML (Mendix 7 compatible) 9.1 Critical2023-03-14
CVE-2022-4861 Incorrect Implementation of Authentication Algorithm — M-Files Client 4.8 Medium2022-12-30
CVE-2022-46146 Prometheus Exporter Toolkit vulnerable to basic authentication bypass — exporter-toolkit 6.2 Medium2022-11-29
CVE-2022-39366 DataHub missing JWT signature check — datahub 9.9 Critical2022-10-28
CVE-2022-20923 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers IPSec VPN Server Authentication Bypass Vulnerability — Cisco Small Business RV Series Router Firmware 4.0 Medium2022-09-08
CVE-2022-33736 Siemens Opcenter Quality 授权问题漏洞 — Opcenter Quality V13.1 9.1 -2022-07-12
CVE-2022-20695 Cisco Wireless LAN Controller Management Interface Authentication Bypass Vulnerability — Cisco Wireless LAN Controller (WLC) 10.0 Critical2022-04-15
CVE-2021-21902 Garrett Metal Detectors 授权问题漏洞 — Garrett Metal Detectors 8.1 -2021-12-22

Vulnerabilities classified as CWE-303 (认证算法的不正确实现) represent 67 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.