Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-305

CWE-305

Authentication Bypass by Primary Weakness

Parent: CWE-1390 - Weak Authentication

The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.

146 vulnerabilities with CWE-305

CVE-2025-7064 MEDIUM

Freelance Security Lock – Access to Windows OS

CVE-2025-31703 LOW

Dahua NVR2-4KS3 <2026-03-03 - Privilege Escalation

CVE-2025-58382 HIGH

Brocade Fabric OS <9.2.1c2 - Command Injection

CVE-2025-4320 CRITICAL

Birebirsoft Sufirmam <23012026 - Auth Bypass

CVE-2025-68609 MEDIUM

Palantir Aries - Unauthenticated Authentication Bypass

CVE-2025-13915 CRITICAL

IBM API Connect <10.0.8.5, 10.0.11.0 - Auth Bypass

CVE-2025-68435 CRITICAL

Zerobyte <0.18.5-0.19.0 - Auth Bypass

CVE-2025-51663 HIGH

FileCodeBox < 2.2 - Authentication Bypass via X-Real-IP and X-Forwarded-For Header Spoofing

CVE-2025-41733 CRITICAL

Commissioning Wizard - Privilege Escalation

CVE-2025-47776 CRITICAL

MantisBT < 2.27.2 - Authentication Bypass via MD5 Hash Type Juggling

CVE-2025-36386 CRITICAL

IBM Maximo Application Suite - Auth Bypass

CVE-2025-62772 LOW

Mercku M6a <2.1.0 - Info Disclosure

CVE-2025-59980 MEDIUM

Juniper Junos < 22.4R3-S8, 23.2 < 23.2R2-S3, 23.4 < 23.4R2 - Unauthenticated FTP Authentication Bypass

CVE-2025-56132 HIGH

LiquidFiles < 4.2.0 - Unauthenticated User Enumeration via Password Reset Response Discrepancy

CVE-2025-59941 MEDIUM

go-f3 <0.8.8 - Code Injection

CVE-2025-54622 HIGH

HarmonyOS - Authentication Bypass in DeviceManager Module

CVE-2025-53534 HIGH

RatPanel 2.3.19 to 2.5.5 - Path Cleaning Authentication Bypass Command Execution

CVE-2025-31965 HIGH

HCL BigFix Remote Control Server WebUI <10.1.0.0248 - Info Disclosure

CVE-2025-53826 CRITICAL

File Browser <2.39.0 - Info Disclosure

CVE-2025-53167 MEDIUM

Distributed Collaboration Framework - Info Disclosure

CVE-2025-52996 LOW

File Browser <2.32.0 - Info Disclosure

CVE-2025-46801 CRITICAL

Pgpool-II 4.0-4.6 - Authentication Bypass

CVE-2025-4658 CRITICAL

OpenPubkey < 0.10.0 and OPKSSH < 0.5.0 - Authentication Bypass via JWS Signature Verification

CVE-2025-3757 CRITICAL

OpenPubkey < 0.10.0 - Authentication Bypass via JWS Signature Verification

CVE-2025-46750 MEDIUM

SEL BIOS <1.3.49152.117, <2.6.49152.98 - Auth Bypass

Previous Page 2 of 6 Next

Details

Vulnerabilities 146

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy