Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18872

18872 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2023-6978 WP Job Manager – Company Profiles <= 1.7 - Reflected Cross-Site Scripting — WP Job Manager – Company ProfilesCWE-79 6.1 Medium2024-12-04
CVE-2024-11293 Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Social Sites Login <= 1.7.9 - Authentication Bypass via WordPress.com OAuth provider — Pie Register - Social Sites Login (Add on)CWE-287 8.1 High2024-12-04
CVE-2024-11466 Intro Tour Tutorial DeepPresentation <= 6.5.2 - Reflected Cross-Site Scripting — Intro Tour Tutorial DeepPresentationCWE-79 6.1 Medium2024-12-04
CVE-2024-11807 NPS computy <= 2.8.0 - Reflected Cross-Site Scripting — NPS computyCWE-79 6.1 Medium2024-12-04
CVE-2024-11813 Pulsating Chat Button <= 1.4.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Pulsating Chat ButtonCWE-352 6.1 Medium2024-12-04
CVE-2024-10952 Authors List <= 2.0.4 - Unauthenticated Arbitrary Shortcode Execution via update_authors_list_ajax — Authors ListCWE-94 7.3 High2024-12-04
CVE-2024-10832 Posti Shipping <= 3.10.3 - Reflected Cross-Site Scripting — Posti ShippingCWE-79 6.1 Medium2024-12-04
CVE-2024-52546 Lorex 2K Indoor Wi-Fi Security Camera - Null pointer dereference — 2K Indoor Wi-Fi Security CameraCWE-476 5.3 Medium2024-12-03
CVE-2024-52545 Lorex 2K Indoor Wi-Fi Security Camera - Out of bounds heap read — 2K Indoor Wi-Fi Security CameraCWE-125 6.5 Medium2024-12-03
CVE-2024-52544 Lorex 2K Indoor Wi-Fi Security Camera - Stack buffer overflow — 2K Indoor Wi-Fi Security CameraCWE-121 9.8 Critical2024-12-03
CVE-2024-37303 Synapse unauthenticated writes to the media repository allow planting of problematic content — synapseCWE-306 5.3 Medium2024-12-03
CVE-2024-37302 Synapse denial of service through media disk space consumption — synapseCWE-770 7.5 High2024-12-03
CVE-2024-11200 Goodlayers Core <= 2.0.7 - Reflected Cross-Site Scripting via 'font-family' — Goodlayers CoreCWE-79 6.1 Medium2024-12-03
CVE-2024-42422 Dell NetWorker 安全漏洞 — NetWorkerCWE-639 8.3 High2024-12-03
CVE-2024-11326 Campaign Monitor Forms by Optin Cat <= 2.5.7 - Reflected Cross-Site Scripting — Campaign Monitor Forms by Optin CatCWE-79 6.1 Medium2024-12-03
CVE-2024-47476 Dell NetWorker Management Console 安全漏洞 — NetWorker Management ConsoleCWE-347 7.8 High2024-12-03
CVE-2024-11325 AWeber Forms by Optin Cat <= 2.5.7 - Reflected Cross-Site Scripting — AWeber Forms by Optin CatCWE-79 5.2 Medium2024-12-03
CVE-2024-11805 Quick License Manager – WooCommerce Plugin <= 2.4.17 - Reflected Cross-Site Scripting — Quick License Manager – WooCommerce PluginCWE-79 6.1 Medium2024-12-03
CVE-2024-11461 Form Data Collector <= 2.2.3 - Reflected Cross-Site Scripting — Form Data CollectorCWE-79 6.1 Medium2024-12-03
CVE-2024-11707 My auctions allegro <= 3.6.17 - Reflected Cross-Site Scripting — My auctions allegroCWE-79 6.1 Medium2024-12-03
CVE-2024-49581 Access control issue impacting RV backed objects — com.palantir.gotham:external-artifactsCWE-862 6.5 Medium2024-12-02
CVE-2024-5890 HTML Injection in the Assessment plugin — Now PlatformCWE-79 4.3 Medium2024-12-02
CVE-2024-8785 WhatsUp Gold Registry Overwrite Remote Code Execution Vulnerability — WhatsUp GoldCWE-648 9.8 Critical2024-12-02
CVE-2024-46909 WhatsUp Gold WriteDataFile Directory Traversal Remote Code Execution Vulnerability — WhatsUp GoldCWE-22 9.8 Critical2024-12-02
CVE-2024-10490 Authentication bypass flaw in several mapp components — B&R mapp CockpitCWE-288 9.8 -2024-12-02
CVE-2024-11252 Social Sharing Plugin – Sassy Social Share <= 3.3.69 - Reflected Cross-Site Scripting via heateor_mastodon_share Parameter — Social Sharing Plugin – Sassy Social ShareCWE-79 6.1 Medium2024-11-30
CVE-2024-11482 Trellix Enterprise Security Manager 安全漏洞 — Trellix Enterprise Security Manager (ESM)CWE-78 9.8 Critical2024-11-29
CVE-2024-11481 Trellix Enterprise Security Manager 安全漏洞 — Trellix Enterprise Security Manager (ESM)CWE-22 8.2 High2024-11-29
CVE-2024-11980 Billion Electric router - Missing Authentication — M100CWE-306 8.6 High2024-11-29
CVE-2024-53701 FCNT 访问控制错误漏洞 — arrows N F-51CCWE-306 5.7 -2024-11-29

Vulnerabilities classified as access:pre-auth represent 18872 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.