Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18887

18887 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2024-47503 Junos OS: SRX4600 and SRX5000 Series: Sequence of specific PIM packets causes a flowd crash — Junos OSCWE-754 6.5 Medium2024-10-11
CVE-2024-47502 Junos OS Evolved: TCP session state is not always cleared on the Routing Engine leading to DoS — Junos OS EvolvedCWE-770 7.5 High2024-10-11
CVE-2024-47499 Junos OS and Junos OS Evolved: In a BMP scenario receipt of a malformed AS PATH attribute can cause an RPD crash — Junos OSCWE-754 7.5 High2024-10-11
CVE-2024-47498 Junos OS Evolved: QFX5000 Series: Configured MAC learning and move limits are not in effect — Junos OS Evolved 6.5 Medium2024-10-11
CVE-2024-47497 Junos OS: SRX Series, QFX Series, MX Series and EX Series: Receiving specific HTTPS traffic causes resource exhaustion — Junos OSCWE-400 7.5 High2024-10-11
CVE-2024-47493 Junos OS: MX Series: Trio-based FPCs: Continuous physical Interface flaps causes local FPC to crash — Junos OSCWE-401 6.5 Medium2024-10-11
CVE-2024-47491 Junos OS and Junos OS Evolved: Receipt of a specific malformed BGP path attribute leads to an RPD crash — Junos OSCWE-755 5.9 Medium2024-10-11
CVE-2024-47490 Junos OS Evolved: ACX 7000 Series: Receipt of specific transit MPLS packets causes resources to be exhausted — Junos OS EvolvedCWE-923 8.2 High2024-10-11
CVE-2024-47489 Junos OS Evolved: ACX Series: Receipt of specific transit protocol packets is incorrectly processed by the RE — Junos OS EvolvedCWE-755 5.8 Medium2024-10-11
CVE-2024-39563 Junos Space: Remote Command Execution (RCE) vulnerability in web application — Junos SpaceCWE-77 7.3 High2024-10-11
CVE-2024-39547 Junos OS and Junos OS Evolved: cRPD: Receipt of crafted TCP traffic can trigger high CPU utilization — Junos OSCWE-755 7.5 High2024-10-11
CVE-2024-39534 Junos OS Evolved: Connections to the network and broadcast address accepted — Junos OS EvolvedCWE-697 5.4 Medium2024-10-11
CVE-2024-45317 SonicWALL SMA1000 代码问题漏洞 — SMA1000CWE-918 7.5AIHighAI2024-10-11
CVE-2024-9211 FULL – Cliente <= 3.1.22 - Reflected Cross-Site Scripting — FULL – ClienteCWE-79 6.1 Medium2024-10-11
CVE-2024-9610 Language Switcher <= 3.7.13 - Reflected Cross-Site Scripting — Language SwitcherCWE-79 6.1 Medium2024-10-11
CVE-2024-9232 Download Plugins and Themes in ZIP from Dashboard <= 1.9.1 - Reflected Cross-Site Scripting — Download Plugins and Themes in ZIP from DashboardCWE-79 6.1 Medium2024-10-11
CVE-2024-9234 GutenKit <= 2.1.0 - Unauthenticated Arbitrary File Upload — GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block EditorCWE-862 9.8 Critical2024-10-11
CVE-2024-9707 Hunk Companion <= 1.8.4 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation/Activation — Hunk CompanionCWE-862 9.8 Critical2024-10-11
CVE-2024-9436 PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes <= 3.5.14 - Reflected Cross-Site Scripting — PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content ChangesCWE-79 6.1 Medium2024-10-11
CVE-2024-9221 Tainacan <= 0.21.10 - Reflected Cross-Site Scripting — TainacanCWE-79 6.1 Medium2024-10-11
CVE-2024-9616 BlockMeister – Block Pattern Builder <= 3.1.10 - Reflected Cross-Site Scripting — BlockMeister – Block Pattern BuilderCWE-79 6.1 Medium2024-10-11
CVE-2024-9346 Embed videos and respect privacy <= 1.2 - Reflected Cross-Site Scripting — Embed videos and respect privacyCWE-79 6.1 Medium2024-10-11
CVE-2024-9611 Increase upload file size & Maximum Execution Time limit <= 2.0 - Reflected Cross-Site Scripting — Increase upload file size & Maximum Execution Time limitCWE-79 6.1 Medium2024-10-11
CVE-2024-9586 Linkz.ai <= 1.1.8 - Missing Authorization to Unauthenticated Plugin Settings Update — Linkz.ai – Automatic link previews on hoverCWE-862 6.5 Medium2024-10-11
CVE-2024-9822 Pedalo Connector <= 2.0.5 - Authentication Bypass to Administrator — Pedalo ConnectorCWE-288 9.8 Critical2024-10-11
CVE-2024-42640 angular-base64-upload 安全漏洞 — n/a 9.8AICriticalAI2024-10-11
CVE-2024-44729 MiroTalk 安全漏洞 — n/a 6.5AIMediumAI2024-10-11
CVE-2024-9596 Inclusion of Sensitive Information in Source Code in GitLab — GitLabCWE-540 3.7 Low2024-10-10
CVE-2024-9796 WP-Advanced-Search < 3.3.9.2 - Unauthenticated SQL Injection — WP-Advanced-Search 9.8AICriticalAI2024-10-10
CVE-2024-9156 TI WooCommerce Wishlist <= 2.8.2 - Unauthenticated SQL Injection via lang parameters — TI WooCommerce Wishlist 7.5AIHighAI2024-10-10

Vulnerabilities classified as access:pre-auth represent 18887 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.