Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
9 CRITICAL7 HIGH4 MEDIUM ⚡ 1 KEV
CVE-2022-4001
HIGH CVSS 7.3
Find Similar
An authentication bypass vulnerability could allow an attacker to access API functions without authentication.
NVD RRF 0.016
CVE-2024-10511
MEDIUM CVSS 6.3
Find Similar
CWE-287: Improper Authentication vulnerability exists that could cause Denial of access to the web interface when someone on the local network repeatedly requests the /accessdenied URL.
NVD RRF 0.016
CVE-2024-45369
CRITICAL CVSS 9.2
Find Similar
The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource.
NVD RRF 0.016
CVE-2026-23600
CRITICAL CVSS 10.0
Find Similar
A remote authentication bypass vulnerability  exists in HPE AutoPass License Server (APLS).
NVD RRF 0.015
CVE-2025-0813
HIGH CVSS 7.0
Find Similar
CWE-287: Improper Authentication vulnerability exists that could cause an Authentication Bypass when an unauthorized user without permission rights has physical access to the EPAS-UI computer and is a
NVD RRF 0.015
CVE-2017-20237
CRITICAL CVSS 9.3
Find Similar
Hirschmann Industrial HiVision versions prior to 06.0.07 and 07.0.03 contains an authentication bypass vulnerability in the master service that allows unauthenticated remote attackers to execute arbit
NVD RRF 0.014
CVE-2024-32119
MEDIUM CVSS 4.8
Find Similar
An improper authentication vulnerability [CWE-287] in Fortinet FortiClientEMS version 7.4.0 and before 7.2.4 allows an unauthenticated attacker with the knowledge of the targeted user's FCTUID and VDO
fortinet
NVD RRF 0.014
CVE-2023-29117
HIGH CVSS 8.8
Find Similar
Waybox Enel X web management API authentication could be bypassed and provide administrator’s privileges over the Waybox system.
enelx
NVD RRF 0.014
CVE-2024-53704
CRITICAL CVSS 9.8 KEV
Find Similar
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.
sonicwall
NVD RRF 0.014
CVE-2024-35294
MEDIUM CVSS 6.5
Find Similar
An unauthenticated remote attacker may use the devices traffic capture without authentication to grab plaintext administrative credentials.
NVD RRF 0.014
CVE-2025-2230
HIGH CVSS 8.5
Find Similar
A flaw exists in the Windows login flow where an AuthContext token can be exploited for replay attacks and authentication bypass.
NVD RRF 0.013
CVE-2025-55340
HIGH CVSS 7.0
Find Similar
Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally.
microsoft
NVD RRF 0.013
CVE-2025-53845
MEDIUM CVSS 6.5
Find Similar
An improper authentication vulnerability [CWE-287] in Fortinet FortiAnalyzer version 7.6.0 through 7.6.3 and before 7.4.6 allows an unauthenticated attacker to obtain information pertaining to the dev
fortinet
NVD RRF 0.013
CVE-2026-12183
CRITICAL CVSS 9.3
Find Similar
Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-
NVD RRF 0.013
Page 1+ Next →