Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18840

18840 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2025-40771 Siemens SIMATIC CP Series 访问控制错误漏洞 — SIMATIC CP 1542SP-1CWE-306 9.8 Critical2025-10-14
CVE-2025-40765 Siemens TeleControl Server Basic 访问控制错误漏洞 — TeleControl Server Basic V3.1CWE-306 9.8 Critical2025-10-14
CVE-2011-20001 Siemens SIMATIC S7-1200 CPU V1 family和Siemens SIMATIC S7-1200 CPU V2 family 输入验证错误漏洞 — SIMATIC S7-1200 CPU V1 family (incl. SIPLUS variants)CWE-20 7.5 High2025-10-14
CVE-2025-46581 ZTE ZXCDN product has a Struts RCE Vulnerability — ZXCDNCWE-94 9.8 Critical2025-10-14
CVE-2025-41707 Phoenix Contact: WebSocket Handler Denial of Service — QUINT4-UPS/24DC/24DC/5/EIPCWE-120 5.3 Medium2025-10-14
CVE-2025-41706 Phoenix Contact: Webserver Denial of Service through Malformed Content-Length — QUINT4-UPS/24DC/24DC/5/EIPCWE-120 5.3 Medium2025-10-14
CVE-2025-41705 Phoenix Contact: WebSocket Message Interception Leaks Webfrontend Credentials — QUINT4-UPS/24DC/24DC/5/EIPCWE-523 6.8 Medium2025-10-14
CVE-2025-41703 Phoenix Contact: UPS Shutdown via Unauthenticated Modbus Command — QUINT4-UPS/24DC/24DC/5/EIPCWE-306 7.5 High2025-10-14
CVE-2025-42937 Directory Traversal vulnerability in SAP Print Service — SAP Print ServiceCWE-35 9.8 Critical2025-10-14
CVE-2025-42902 Memory Corruption vulnerability in SAP Netweaver AS ABAP and ABAP Platform — SAP Netweaver AS ABAP and ABAP PlatformCWE-476 5.3 Medium2025-10-14
CVE-2025-57563 StarNet FastX 安全漏洞 — n/a 7.5AIHighAI2025-10-14
CVE-2025-57618 StarNet FastX 安全漏洞 — n/a 9.8AICriticalAI2025-10-14
CVE-2025-9713 Ivanti Endpoint Manager 路径遍历漏洞 — Endpoint ManagerCWE-22 8.8 High2025-10-13
CVE-2025-59836 Omni is Vulnerable to DoS via Empty Create/Update Resource Requests — omniCWE-703 5.3 Medium2025-10-13
CVE-2025-62364 text-generation-webui allows arbitrary file read via symbolic link upload — text-generation-webuiCWE-59 6.2 Medium2025-10-13
CVE-2025-62170 rAthena map-server use-after-free vulnerability in RODEX — rathenaCWE-416 7.5 High2025-10-13
CVE-2025-10720 WP Private Content Plus <= 3.6.2 - Password Protection Bypass — WP Private Content Plus 8.2AIHighAI2025-10-13
CVE-2025-11672 EBM Technologies|Uniweb/SoliPACS WebServer - Missing Authentication — Uniweb/SoliPACS WebServerCWE-306 5.3 Medium2025-10-13
CVE-2025-11671 EBM Technologies|Uniweb/SoliPACS WebServer - Missing Authentication — Uniweb/SoliPACS WebServerCWE-306 5.3 Medium2025-10-13
CVE-2025-9265 API Authentication Bypass via Header Spoofing vulnerability in Kiloview NDI N30 Products — NDICWE-346 7.5AIHighAI2025-10-13
CVE-2025-11652 UTT 进取 518G formTaskEdit_ap buffer overflow — 进取 518GCWE-120 8.8 High2025-10-13
CVE-2025-61884 Oracle E-Business Suite 安全漏洞 — Oracle Configurator 7.5 High2025-10-12
CVE-2025-10376 Course Redirects for Learndash Plugin <= 0.4 - Cross-Site Request Forgery — Course Redirects for Learndash PluginCWE-352 4.3 Medium2025-10-11
CVE-2025-10375 Web Accessibility By accessiBe <= 2.10 - Cross-Site Request Forgery — Web Accessibility by accessiBeCWE-352 4.3 Medium2025-10-11
CVE-2025-8484 Code Quality Control Tool <= 2.1 - Unauthenticated Information Exposure via Log Files — Code Quality Control ToolCWE-200 5.3 Medium2025-10-11
CVE-2025-8682 Newsup <= 5.0.10 - Missing Authorization to Authenticated (Subscriber+) Plugin Installation — NewsupCWE-862 4.3 Medium2025-10-11
CVE-2025-9626 Page Blocks <= 1.1.0 - Cross-Site Request Forgery — Page BlocksCWE-352 4.3 Medium2025-10-11
CVE-2025-6439 WooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File Deletion — WooCommerce Designer ProCWE-22 9.8 Critical2025-10-11
CVE-2025-9621 WidgetPack Comment System <= 1.6.1 - Cross-Site Request Forgery — WidgetPack Comment SystemCWE-352 4.3 Medium2025-10-11
CVE-2025-11167 CM Registration – Tailored tool for seamless login and invitation-based registrations <= 2.5.6 - Open Redirect — CM Registration – Tailored tool for seamless login and invitation-based registrationsCWE-601 4.7 Medium2025-10-11

Vulnerabilities classified as access:pre-auth represent 18840 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.