Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-287

CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,320 vulnerabilities with CWE-287

CVE-2025-55340 HIGH

Windows Remote Desktop - Privilege Escalation

CVE-2025-53845 MEDIUM

Fortinet FortiAnalyzer <7.6.3 - Info Disclosure

CVE-2025-9064 CRITICAL

FactoryTalk View Machine Edition - Path Traversal

CVE-2025-9063 CRITICAL

FactoryTalk View Machine Edition - Auth Bypass

CVE-2025-9265 CRITICAL

Kiloview NDI N30 < 2.02.246 - Unauthenticated Broken Authorization

CVE-2025-11661 HIGH

oranbyte School Management System - Improper Authentication

CVE-2025-11633 LOW

Furbo 360 Dog Camera <036 & Furbo Mini <074 - Improper Certificate Validation

CVE-2025-61884 HIGH KEV

Oracle Configurator 12.2.3-12.2.14 - Unauthenticated CRLF Injection via Runtime UI

CVE-2025-60306 CRITICAL

code-projects Simple Car Rental System 1.0 - Auth Bypass

CVE-2025-11529 HIGH

ChurchCRM < 5.19.0 - Authentication Bypass in AuthMiddleware

CVE-2025-11192 HIGH

Extreme Networks Fabric Engine <9.3 - Privilege Escalation

CVE-2025-11287 HIGH

samanhappy MCPHub <0.9.10 - Auth Bypass

CVE-2025-61882 CRITICAL KEV

Oracle Concurrent Processing 12.2.3-12.2.14 - Unauthenticated Takeover

CVE-2025-61679 HIGH

anyquery < 0.4.4 - Unauthenticated Exposure of Sensitive Integration Data via HTTP Server

CVE-2025-54154 MEDIUM

QNAP Authenticator 1.3.0-1.3.1.1226 - Improper Authentication

CVE-2025-61665 HIGH

WeGIA < 3.5.0 - Unauthenticated Sensitive Information Exposure via get_relatorios_socios.php Endpoint

CVE-2025-41064 CRITICAL

GTT OpenSIAC - Improper Authentication via Cl@ve Impersonation

CVE-2025-11130 HIGH

iHongRen pptp-vpn 1.0/1.0.1 - Missing Authentication

CVE-2025-59934 CRITICAL

formbricks < 4.0.1 - Unauthenticated Authentication Bypass via JWT Signature Verification Missing

CVE-2025-20160 HIGH

Cisco IOS Software - Info Disclosure

CVE-2025-10906 HIGH

Magnetism Studios Endurance <3.3.0 - Use After Free

CVE-2025-0672 LOW

WSO2 Identity Server - Authentication Bypass via FIDO Registration Data

CVE-2025-0663 MEDIUM

WSO2 Identity Server - Cross-Tenant Authentication Bypass via Adaptive Authentication Cookie Forgery

CVE-2025-9965 CRITICAL

Novakon P series < P-2.0.05 - Unauthenticated Arbitrary Application Upload/Download

CVE-2025-57434 HIGH

Creacast Creabox Manager - Improper Authentication via Password Prefix Bypass

Previous Page 17 of 173 Next

Details

Vulnerabilities 4,320

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy