CWE-302: CWE-302

CVE-2024-12838 is an authentication bypass vulnerability in CGFIDO's passwordless login mechanism that allows regular users to impersonate any other u...

CVE-2022-22729 is an authentication bypass vulnerability in Yokogawa's CAMS for HIS Server that allows attackers to send specially crafted packets to ...

This vulnerability in Optimus Software Brokerage Automation allows attackers to bypass authentication and authorization controls through multiple weak...

CVE-2025-24876 is an authentication bypass vulnerability in SAP Approuter Node.js package that allows attackers to steal user sessions during authoriz...

Electrolink transmitters have an authentication bypass vulnerability where attackers can gain full system access by setting any value except 'NO' in t...

This vulnerability allows unauthenticated attackers to bypass authentication by manipulating parameters to set credentials to blank, gaining access to...

An authentication bypass vulnerability in Socomec Easy Config System 2.6.1.0 allows attackers to gain unauthorized access by modifying local database ...

This vulnerability allows an attacker with Bitbucket credentials to hijack GitLab accounts linked to other users' Bitbucket accounts when Bitbucket is...

This vulnerability allows attackers to bypass authentication in WiFiBurada by manipulating user-controlled variables that were assumed to be immutable...

This vulnerability allows authenticated attackers to bypass OTP verification for other user accounts in Apex Softcell LD DP Back Office by manipulatin...

Ant Media Server Community Edition's default configuration has improper HTTP header-based authorization, allowing unauthorized users to access non-adm...

ZITADEL identity management platform versions 2.31.0 through 3.4.6 and 4.0.0 through 4.10.0 have a token validation flaw where truncated OIDC access t...

This vulnerability allows authenticated remote attackers with administrative credentials to bypass IP access restrictions on Cisco ISE and ISE-PIC dev...