Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-305

CWE-305

Authentication Bypass by Primary Weakness

Parent: CWE-1390 - Weak Authentication

The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.

146 vulnerabilities with CWE-305

CVE-2025-41450 HIGH

Danfoss AKSM8xxA Series <4.2 - Auth Bypass

CVE-2025-32011 CRITICAL

KUNBUS PiCtory <2.11.1 - Auth Bypass

CVE-2025-24522 CRITICAL

KUNBUS Revolution Pi OS Bookworm 01/2025 - RCE

CVE-2025-31161 CRITICAL KEV

CrushFTP - Authentication Bypass

CVE-2025-31192 MEDIUM

Safari < 18.4 - Unauthenticated Sensor Information Access

CVE-2025-30428 MEDIUM

iPadOS < 17.7.6 and < 18.4 - Unauthenticated Hidden Photos Album Access

CVE-2025-1880 LOW

i-Drive i11<i12 <20250227 - Auth Bypass

CVE-2025-27371 MEDIUM

IETF RFC 7523 - Authentication Bypass via Ambiguous JWT Audience Values

CVE-2025-27370 MEDIUM

OpenID Connect Core <1.0 - Command Injection

CVE-2025-23017 MEDIUM

WorkOS Hosted AuthKit <2025-01-07 - Auth Bypass

CVE-2024-49587 CRITICAL

Palantir Glutton >=105.95.0 - Unauthenticated Authentication Bypass

CVE-2024-12776 HIGH

langgenius/dify v0.10.1 - Unauthenticated Authentication Bypass via Password Reset Endpoint

CVE-2024-12054 MEDIUM

ZF RSSPlus 2M 01/08-01/23 - Authentication Bypass via SecurityAccess Service Seed

CVE-2024-42513 MEDIUM

OPC UA .NET Standard Stack <1.5.374.158 - Auth Bypass

CVE-2024-51738 HIGH

lizardbyte/sunshine < 2025.118.151840 - Unauthenticated Authentication Bypass via Pairing Protocol MITM

CVE-2024-12802 CRITICAL

SonicOS Authentication Bypass via UPN/SAM Account Name Handling

CVE-2024-12582 HIGH

Service Interconnect 1 for RHEL 9 - Authentication Bypass and Denial of Service via Plaintext Password File

CVE-2024-10394 HIGH

OpenAFS < 1.6.25 - Authentication Bypass via PAG Throttling Mechanism

CVE-2024-10082 HIGH

CodeChecker <6.24.1 - Privilege Escalation

CVE-2024-50478 CRITICAL

Swoop 1-Click Login: Passwordless Authentication 1.4.5 - Authentication Bypass

CVE-2024-9683 MEDIUM

Quay - Authentication Bypass via Truncated Password

CVE-2024-20463 MEDIUM

Cisco ATA 190 Series - Unauthenticated RCE

CVE-2024-8642 HIGH

Eclipse Dataspace Components <0.9.0 - Auth Bypass

CVE-2024-5957 MEDIUM

Trellix Intrusion Prevention System Manager < 11.1.7.97 - Unauthenticated Authentication Bypass

CVE-2024-5956 MEDIUM

Trellix Intrusion Prevention System Manager - Unauthenticated Authentication Bypass

Previous Page 3 of 6 Next

Details

Vulnerabilities 146

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy