Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18843

18843 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2025-42926 Missing Authentication check in SAP NetWeaver Application Server Java — SAP NetWeaver Application Server JavaCWE-306 5.3 Medium2025-09-09
CVE-2025-42920 Cross-Site Scripting (XSS) vulnerability in SAP Supplier Relationship Management — SAP Supplier Relationship ManagementCWE-79 6.1 Medium2025-09-09
CVE-2025-57633 FTP-Flask-python 安全漏洞 — n/a 9.8AICriticalAI2025-09-09
CVE-2025-10103 code-projects Online Event Judging System home.php sql injection — Online Event Judging SystemCWE-89 7.3 High2025-09-08
CVE-2025-9113 Doccure Core <= 1.5.3 - Unauthenticated Arbitrary File Upload — Doccure CoreCWE-434 9.8 Critical2025-09-08
CVE-2025-9114 Doccure <= 1.5.0 - Unauthenticated Arbitrary User Password Change — DoccureCWE-639 9.8 Critical2025-09-08
CVE-2025-5993 Path Traversal in ITCube CRM — ITCube CRMCWE-22 7.5AIHighAI2025-09-08
CVE-2025-41708 Cleartext Transmission of Sensitive Data via Insecure HTTP Web Interface — CC612CWE-319 7.4 High2025-09-08
CVE-2025-8085 Ditty < 3.1.58 - Unauthenticated SSRF — Ditty 5.3AIMediumAI2025-09-08
CVE-2025-58443 FOG's authentication bypass leads to full SQL DB dump — fogprojectCWE-306 9.8AICriticalAI2025-09-06
CVE-2025-7045 Cloud SAML SSO <= 1.0.19 - Missing Authorization to Unauthenticated Identity Provider Deletion via delete_config Action — Cloud SAML SSO – Single Sign On LoginCWE-306 6.5 Medium2025-09-06
CVE-2025-7040 Cloud SAML SSO <= 1.0.19 - Missing Authorization to Unauthenticated Settings Modification via set_organization_settings Action — Cloud SAML SSO – Single Sign On LoginCWE-862 8.2 High2025-09-06
CVE-2025-8359 AdForest <= 6.0.9 - Authentication Bypass to Admin — AdForestCWE-288 9.8 Critical2025-09-06
CVE-2025-10003 UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP <= 1.2.44 - Authenticated (Subscriber+) SQL Injection — UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WPCWE-89 6.5 Medium2025-09-06
CVE-2025-7368 Rehub <= 19.9.7 - Unauthenticated Password Protected Post Disclosure — REHub - Price Comparison, Multi Vendor Marketplace Wordpress ThemeCWE-200 5.3 Medium2025-09-06
CVE-2025-7366 Rehub <= 19.9.7 - Unauthenticated Arbitrary Shortcode Execution via re_filterpost — REHub - Price Comparison, Multi Vendor Marketplace Wordpress ThemeCWE-94 7.3 High2025-09-06
CVE-2025-58366 Onyxia private helm repository credentials are leaked through unauthenticated API — onyxiaCWE-522 9.1AICriticalAI2025-09-05
CVE-2025-41408 LY Yahoo! Shopping App 安全漏洞 — "Yahoo! Shopping" App for AndroidCWE-939 6.1AIMediumAI2025-09-05
CVE-2025-55037 TkEasyGUI 操作系统命令注入漏洞 — TkEasyGUICWE-78 9.8AICriticalAI2025-09-05
CVE-2025-9990 WordPress Helpdesk Integration <= 5.8.10 - Unauthenticated Local File Inclusion — WordPress Helpdesk IntegrationCWE-98 8.1 High2025-09-05
CVE-2024-43184 IBM Jazz Foundation cross-site scripting — Jazz FoundationCWE-79 6.1 Medium2025-09-04
CVE-2025-7385 SQL Injection in GOV CMS — GOV CMSCWE-89 9.8AICriticalAI2025-09-04
CVE-2025-9616 PopAd <= 1.0.4 - Cross-Site Request Forgery to Settings Update — PopAdCWE-352 5.3 Medium2025-09-04
CVE-2025-8268 Ai Engine <= 2.9.5 - Missing Authorization to Unauthenticated Uploaded Files Disclosure And Deletion — AI Engine – The Chatbot, AI Framework & MCP for WordPressCWE-862 6.5 Medium2025-09-03
CVE-2025-20291 Cisco Webex Meetings 输入验证错误漏洞 — Cisco Webex MeetingsCWE-601 4.3 Medium2025-09-03
CVE-2025-20335 Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Information Arbitrary File Write Vulnerability — Cisco Session Initiation Protocol (SIP) SoftwareCWE-284 5.3 Medium2025-09-03
CVE-2025-20336 Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Information Disclosure Vulnerability — Cisco Session Initiation Protocol (SIP) SoftwareCWE-200 5.3 Medium2025-09-03
CVE-2025-20330 Cisco Unified Communications Manager IM and Presence Cross-Site Scripting Vulnerability — Cisco Unified Communications Manager IM and Presence ServiceCWE-79 6.1 Medium2025-09-03
CVE-2025-20326 Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability — Cisco Unified Communications ManagerCWE-352 4.3 Medium2025-09-03
CVE-2025-55944 Slink 安全漏洞 — n/a 6.1AIMediumAI2025-09-03

Vulnerabilities classified as access:pre-auth represent 18843 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.