Vulnerabilities (CVE)

Filtered by CWE-288
Total 202 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-32357 1 Zammad 1 Zammad 2025-04-15 N/A 4.3 MEDIUM
In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to use the Zammad API to fetch knowledge base content that they have no permission for.
CVE-2025-1283 1 Dingtian-tech 8 Dt-r002, Dt-r002 Firmware, Dt-r008 and 5 more 2025-04-10 N/A 9.8 CRITICAL
The Dingtian DT-R0 Series is vulnerable to an exploit that allows attackers to bypass login requirements by directly navigating to the main page.
CVE-2022-3614 1 Octopus 1 Octopus Server 2025-04-10 N/A 6.1 MEDIUM
In affected versions of Octopus Deploy users of certain browsers using AD to sign-in to Octopus Server were able to bypass authentication checks and be redirected to the configured redirect url without any validation.
CVE-2024-46887 2025-04-08 N/A 5.3 MEDIUM
The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum communication load.
CVE-2025-24095 1 Apple 3 Ipados, Iphone Os, Visionos 2025-04-07 N/A 7.6 HIGH
This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4. An app may be able to bypass Privacy preferences.
CVE-2024-13446 1 Amentotech 1 Workreap 2025-04-02 N/A 9.8 CRITICAL
The Workreap plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.2.5. This is due to the plugin not properly validating a user's identity prior to (1) performing a social auto-login or (2) updating their profile details (e.g. password). This makes it possible for unauthenticated attackers to (1) login as an arbitrary user if their email address is known or (2) change an arbitrary user's password, including administrators, and leverage that to gain access to their account. NOTE: This vulnerability was partially fixed in version 3.2.5.
CVE-2025-27658 1 Printerlogic 2 Vasion Print, Virtual Appliance 2025-04-01 N/A 9.8 CRITICAL
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Authentication Bypass OVE-20230524-0001.
CVE-2025-31095 2025-04-01 N/A 9.8 CRITICAL
Authentication Bypass Using an Alternate Path or Channel vulnerability in ho3einie Material Dashboard allows Authentication Bypass. This issue affects Material Dashboard: from n/a through 1.4.5.
CVE-2025-22277 2025-04-01 N/A 8.8 HIGH
Authentication Bypass Using an Alternate Path or Channel vulnerability in appsbd Vitepos allows Authentication Abuse. This issue affects Vitepos: from n/a through 3.1.4.
CVE-2023-50915 2025-03-28 N/A 6.5 MEDIUM
An issue exists in GalaxyClientService.exe in GOG Galaxy (Beta) 2.0.67.2 through 2.0.71.2 that could allow authenticated users to overwrite and corrupt critical system files via a combination of an NTFS Junction and an RPC Object Manager symbolic link and could result in a denial of service.
CVE-2024-13772 1 Uxper 1 Civi 2025-03-28 N/A 5.6 MEDIUM
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4. This is due to a lack of randomization of a password created during Single Sign-On via Google or Facebook. This makes it possible for unauthenticated attackers to change the password of arbitrary Candidate-level users if the attacker knows the username assigned to the victim during account creation.
CVE-2024-13771 1 Uxper 1 Civi 2025-03-28 N/A 9.8 CRITICAL
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4. This is due to a lack of user validation before changing a password. This makes it possible for unauthenticated attackers to change the password of arbitrary users, including administrators, if the attacker knows the username of the victim.
CVE-2025-30112 2025-03-27 N/A 7.1 HIGH
On 70mai Dash Cam 1S devices, by connecting directly to the dashcam's network and accessing the API on port 80 and RTSP on port 554, an attacker can bypass the device authorization mechanism from the official mobile app that requires a user to physically press on the power button during a connection.
CVE-2025-22230 2025-03-27 N/A 7.8 HIGH
VMware Tools for Windows contains an authentication bypass vulnerability due to improper access control. A malicious actor with non-administrative privileges on a guest VM may gain ability to perform certain high privilege operations within that VM.
CVE-2025-24472 1 Fortinet 2 Fortios, Fortiproxy 2025-03-19 N/A 8.1 HIGH
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote attacker to gain super-admin privileges via crafted CSF proxy requests.
CVE-2024-13442 2025-03-19 N/A 9.8 CRITICAL
The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.0. This is due to the plugin not properly validating a user's identity prior to (1) performing a post-booking auto-login or (2) updating their profile details (e.g. password). This makes it possible for unauthenticated attackers to (1) login as an arbitrary user if their email address is known or (2) change an arbitrary user's password, including administrators, and leverage that to gain access to their account.
CVE-2024-31814 1 Totolink 2 Ex200, Ex200 Firmware 2025-03-18 N/A 8.8 HIGH
TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to bypass login through the Form_Login function.
CVE-2020-10148 1 Solarwinds 1 Orion Platform 2025-03-17 7.5 HIGH 9.8 CRITICAL
The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.
CVE-2023-37057 2025-03-14 N/A 9.8 CRITICAL
An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to execute arbitrary code via the router's authentication mechanism.
CVE-2024-11286 2025-03-14 N/A 9.8 CRITICAL
The WP JobHunt plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.1. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the cs_parse_request() function. This makes it possible for unauthenticated attackers to to log in to any user's account, including administrators.