Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18840

18840 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2025-10294 OwnID Passwordless Login <= 1.3.4 - Authentication Bypass — OwnID Passwordless LoginCWE-288 9.8 Critical2025-10-15
CVE-2025-9967 Orion SMS OTP Verification <= 1.1.7 - Authentication Bypass via Account Takeover — Orion SMS OTP Verification.CWE-288 9.8 Critical2025-10-15
CVE-2025-11692 Zip Attachments <= 1.6 - Missing Authorization to Limited File Deletion — Zip AttachmentsCWE-862 5.3 Medium2025-10-15
CVE-2025-10300 TopBar <= 1.0.0 - Cross-Site Request Forgery to Settings Update — TopBarCWE-352 4.3 Medium2025-10-15
CVE-2025-10312 Theme Importer <= 1.0 - Cross-Site Request Forgery — Theme ImporterCWE-352 4.3 Medium2025-10-15
CVE-2025-10038 Binary MLM Plan <= 3.0 - Unauthenticated Limited Privilege Escalation — Binary MLM PlanCWE-266 6.5 Medium2025-10-15
CVE-2025-10743 Outdoor <= 1.3.2 - Unauthenticated SQL Injection — OutdoorCWE-89 7.5 High2025-10-15
CVE-2025-11177 External Login <= 1.11.2 - Unauthenticated SQL Injection via log — External LoginCWE-89 7.5 High2025-10-15
CVE-2025-10041 Flex QR Code Generator <= 1.2.5 - Unauthenticated Arbitrary File Upload — Flex QR Code GeneratorCWE-434 9.8 Critical2025-10-15
CVE-2025-10186 WhyDonate – FREE Donate button – Crowdfunding – Fundraising <= 4.0.15 - Missing Authorization to Unauthenticated wp_wdplugin_style Rww Deletion — WhyDonate – FREE Donate button – Crowdfunding – FundraisingCWE-862 5.3 Medium2025-10-15
CVE-2025-10301 FunKItools <= 1.0.2 - Cross-Site Request Forgery to Settings Update — FunKItoolsCWE-352 4.3 Medium2025-10-15
CVE-2025-10310 Rich Snippet Site Report <= 2.0.0105 - Authenticated (Admin+) SQL Injection — Rich Snippet Site ReportCWE-89 4.9 Medium2025-10-15
CVE-2025-10648 Login with YourMembership - YM SSO Login <= 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'moym_display_test_attributes' — Login with YourMembership – YM SSO LoginCWE-862 5.3 Medium2025-10-15
CVE-2025-11501 Dynamically Display Posts <= 1.1 - Unauthenticated SQL Injection — Dynamically Display PostsCWE-89 7.5 High2025-10-15
CVE-2025-55039 Apache Spark, Apache Spark: RPC encryption defaults to unauthenticated AES-CTR mode, enabling man-in-the-middle ciphertext modification attacks — Apache SparkCWE-347 5.9AIMediumAI2025-10-15
CVE-2023-7304 Ruijie RG-UAC nmc_sync.php Command Injection — RG-UACCWE-78 9.8AICriticalAI2025-10-15
CVE-2024-13991 Huijietong Cloud Video Platform fileDownload Arbitrary File Read — Cloud Video PlatformCWE-22 7.5AIHighAI2025-10-15
CVE-2025-59429 FreePBX core module vulnerable to reflected cross-site scripting via Asterisk HTTP Status page — coreCWE-79 6.1AIMediumAI2025-10-14
CVE-2025-11548 ibi WebFOCUS - Unauthenticated RCE Vulnerability — WebFOCUSCWE-94 9.8AICriticalAI2025-10-14
CVE-2025-37148 Kernel Panic triggered by Modified Ethernet Frames leads to Denial of Service Vulnerability — ArubaOS (AOS) 6.5 Medium2025-10-14
CVE-2025-53845 Fortinet FortiAnalyzer 授权问题漏洞 — FortiAnalyzerCWE-287 6.2 Medium2025-10-14
CVE-2025-31365 Fortinet FortiClientMac 代码注入漏洞 — FortiClientMacCWE-94 5.5 Medium2025-10-14
CVE-2024-33507 Fortinet FortiIsolator 代码问题漏洞 — FortiIsolatorCWE-613 7.0 High2025-10-14
CVE-2025-25255 Fortinet FortiOS和Fortinet FortiProxy 安全特征问题漏洞 — FortiOSCWE-358 4.8 Medium2025-10-14
CVE-2024-26008 Fortinet多款产品 代码问题漏洞 — FortiProxyCWE-754 5.0 Medium2025-10-14
CVE-2025-31366 Fortinet多款产品 跨站脚本漏洞 — FortiProxyCWE-79 4.5 Medium2025-10-14
CVE-2025-25253 Fortinet FortiOS和Fortinet FortiProxy 安全漏洞 — FortiProxyCWE-297 6.8 High2025-10-14
CVE-2025-47890 Fortinet多款产品 输入验证错误漏洞 — FortiSASECWE-601 2.5 Low2025-10-14
CVE-2025-9064 Rockwell Automation FactoryTalk View Machine Edition Path Traversal — FactoryTalk View Machine EditionCWE-287 8.1AIHighAI2025-10-14
CVE-2025-9066 Rockwell Automation FactoryTalk® ViewPoint XXE to Denial-of-Service Vulnerability — FactoryTalk ViewPointCWE-20 7.5AIHighAI2025-10-14

Vulnerabilities classified as access:pre-auth represent 18840 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.