Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18848

18848 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2025-4390 WP Private Content Plus <= 3.6.2 - Unauthenticated Sensitive Information Exposure — WP Private Content PlusCWE-200 5.3 Medium2025-08-12
CVE-2025-42975 Multiple vulnerabilities in SAP NetWeaver Application Server ABAP (BIC Document) — SAP NetWeaver Application Server ABAP (BIC Document)CWE-79 6.1 Medium2025-08-12
CVE-2025-42948 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Platform — SAP NetWeaver ABAP PlatformCWE-79 6.1 Medium2025-08-12
CVE-2025-42942 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server for ABAP — SAP NetWeaver Application Server for ABAPCWE-79 6.1 Medium2025-08-12
CVE-2025-54992 OpenKilda XXE in SAML configuration — open-kildaCWE-611 7.5AIHighAI2025-08-11
CVE-2025-54478 Unauthenticated Channel Subscription Edit in Mattermost Confluence Plugin — Mattermost Confluence PluginCWE-306 7.2 High2025-08-11
CVE-2025-49221 Unauthenticated Access to Channel Subscription in Mattermost Confluence Plugin — Mattermost Confluence PluginCWE-862 3.7 Low2025-08-11
CVE-2025-8866 YugabyteDB 安全漏洞 — YugabyteDB AnywhereCWE-200 5.3AIMediumAI2025-08-11
CVE-2012-10038 Auxilium RateMyPet Arbitrary File Upload RCE — RateMyPetCWE-434 9.8AICriticalAI2025-08-11
CVE-2025-8853 2100 Technology|Official Document Management System - Authentication Bypass — Official Document Management SystemCWE-290 9.8 Critical2025-08-11
CVE-2025-54888 @fedify/fedify: Improper Authentication and Incorrect Authorization — fedifyCWE-287 9.8 -2025-08-09
CVE-2025-4796 Eventin <= 4.0.34 - Authenticated (Contributor+) Privilege Escalation via User Email Change/Account Takeover — Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered)CWE-639 8.8 High2025-08-08
CVE-2012-10045 XODA 0.4.5 Arbitrary PHP File Upload — XODACWE-434 9.8 -2025-08-08
CVE-2012-10041 WAN Emulator v2.3 Command Execution — WAN EmulatorCWE-78 9.8 -2025-08-08
CVE-2012-10036 Project Pier <= 0.8.8 Arbitrary File Upload RCE — ProjectPierCWE-434 9.8 -2025-08-08
CVE-2012-10044 MobileCartly 1.0 savepage.php Arbitrary File Creation — MobileCartlyCWE-434 9.8 -2025-08-08
CVE-2012-10046 E-Mail Security Virtual Appliance learn-msg.cgi Command Injection — E-Mail Security Virtual ApplianceCWE-78 9.8 -2025-08-08
CVE-2012-10052 EGallery 1.2 Arbitrary PHP File Upload — EGalleryCWE-434 9.8 -2025-08-08
CVE-2012-10050 CuteFlow <= 2.11.2 Arbitrary File Upload RCE — CuteFlowCWE-434 9.8 -2025-08-08
CVE-2010-10013 AjaXplorer < 2.6 checkInstall.php Unauthenticated RCE — AjaXplorerCWE-78 9.8 -2025-08-08
CVE-2025-52913 Mitel MiCollab 安全漏洞 — n/a 9.8 -2025-08-08
CVE-2025-54787 SuiteCRM: Improper Authorization for attachment downloads — SuiteCRMCWE-285 3.7 Low2025-08-07
CVE-2025-34148 Shenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection via WISP SSID — M300 Wi-Fi RepeaterCWE-78 8.8AIHighAI2025-08-07
CVE-2025-34151 Shenzhen Aitemi M300 Wi-Fi Repeater PPPoE Password Command Injection — M300 Wi-Fi RepeaterCWE-78 9.8AICriticalAI2025-08-07
CVE-2025-34152 Shenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection via Time Parameter — M300 Wi-Fi RepeaterCWE-78 9.8AICriticalAI2025-08-07
CVE-2025-7054 Infinite loop triggered by connection ID retirement — quicheCWE-835 6.5AIMediumAI2025-08-07
CVE-2025-47188 Mitel多款产品 安全漏洞 — n/a 9.8AICriticalAI2025-08-07
CVE-2025-54786 SuiteCRM: Legacy iCal service allows unauthenticated access to meeting data — SuiteCRM-CoreCWE-200 5.3 Medium2025-08-06
CVE-2025-38746 Dell SupportAssist OS Recovery 信息泄露漏洞 — SupportAssist OS RecoveryCWE-200 3.5 Low2025-08-06
CVE-2025-20215 Cisco Webex Meeting Client Join Certificate Validation Vulnerability — Cisco Webex MeetingsCWE-295 5.4 Medium2025-08-06

Vulnerabilities classified as access:pre-auth represent 18848 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.