The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.
138 vulnerabilities with CWE-305
CVE-2025-41733
CRITICAL
Commissioning Wizard - Privilege Escalation
CVSS 9.8
CVE-2025-47776
CRITICAL
MantisBT <2.27.1 - Auth Bypass
CVSS 9.1
CVE-2025-36386
CRITICAL
IBM Maximo Application Suite - Auth Bypass
CVSS 9.8
CVE-2025-62772
LOW
Mercku M6a <2.1.0 - Info Disclosure
CVSS 3.1
CVE-2025-59980
MEDIUM
Juniper Junos < 22.4 - Authentication Bypass
CVSS 6.5
CVE-2025-56132
HIGH
LiquidFiles <4.2 - Info Disclosure
CVSS 7.3
CVE-2025-59941
MEDIUM
go-f3 <0.8.8 - Code Injection
CVSS 5.9
CVE-2025-54622
HIGH
Huawei Harmonyos - Authentication Bypass
CVSS 8.3
CVE-2025-53534
HIGH
RatPanel <2.5.5 - RCE
CVE-2025-31965
HIGH
HCL BigFix Remote Control Server WebUI <10.1.0.0248 - Info Disclosure
CVSS 8.2
CVE-2025-53826
CRITICAL
File Browser <2.39.0 - Info Disclosure
CVSS 9.8
CVE-2025-53167
MEDIUM
Distributed Collaboration Framework - Info Disclosure
CVSS 6.9
CVE-2025-52996
LOW
File Browser <2.32.0 - Info Disclosure
CVSS 3.1
CVE-2025-46801
CRITICAL
Pgpool-II - Auth Bypass
CVSS 9.8
CVE-2025-4658
CRITICAL
OpenPubkey <0.10.0 - Auth Bypass
CVSS 9.8
CVE-2025-3757
CRITICAL
OpenPubkey <0.10.0 - Auth Bypass
CVSS 9.8
CVE-2025-46750
MEDIUM
SEL BIOS <1.3.49152.117, <2.6.49152.98 - Auth Bypass
CVSS 4.4
CVE-2025-41450
HIGH
Danfoss AKSM8xxA Series <4.2 - Auth Bypass
CVSS 8.2
CVE-2025-32011
CRITICAL
KUNBUS PiCtory <2.11.1 - Auth Bypass
CVSS 9.8
CVE-2025-24522
CRITICAL
KUNBUS Revolution Pi OS Bookworm 01/2025 - RCE
CVSS 10.0
CVE-2025-31161
CRITICAL
KEV
CrushFTP - Authentication Bypass
CVSS 9.8
CVE-2025-31192
MEDIUM
Apple Safari < 18.4 - Denial of Service
CVSS 6.7
CVE-2025-30428
MEDIUM
iOS <18.4 - Info Disclosure
CVSS 5.4
CVE-2025-1880
LOW
i-Drive i11<i12 <20250227 - Auth Bypass
CVSS 2.0
CVE-2025-27371
MEDIUM
IETF OAuth 2.0 - Info Disclosure
CVSS 6.9