Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18892

18892 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2024-33698 Siemens SIMATIC 安全漏洞 — Opcenter QualityCWE-122 9.8 Critical2024-09-10
CVE-2023-49069 Siemens Mendix 安全漏洞 — Mendix Runtime V10CWE-204 5.3 Medium2024-09-10
CVE-2023-2919 Tutor LMS <= 2.7.4 - Cross-Site Request Forgery via 'addon_enable_disable' — Tutor LMS – eLearning and online course solutionCWE-352 4.3 Medium2024-09-10
CVE-2024-39581 Dell InsightIQ 安全漏洞 — PowerScale InsightIQCWE-552 7.3 High2024-09-10
CVE-2024-39583 Dell InsightIQ 加密问题漏洞 — PowerScale InsightIQCWE-327 8.1 High2024-09-10
CVE-2024-7734 Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors. — FL MGUARD 2102CWE-770 5.3 Medium2024-09-10
CVE-2024-6596 Endress+Hauser: Multiple products are vulnerable to code injection — Echo Curve ViewerCWE-94 9.8 Critical2024-09-10
CVE-2024-42427 Dell ThinOS 安全漏洞 — Wyse Proprietary OS (Modern ThinOS)CWE-77 7.6 High2024-09-10
CVE-2024-45504 Trend Micro InterScan WebManager 安全漏洞 — InterSafe WebFilter 8.8AIHighAI2024-09-10
CVE-2024-45279 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server for ABAP (CRM Blueprint Application Builder Panel) — SAP NetWeaver Application Server for ABAP (CRM Blueprint Application Builder Panel)CWE-79 6.1 Medium2024-09-10
CVE-2024-44120 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal — SAP NetWeaver Enterprise PortalCWE-79 4.7 Medium2024-09-10
CVE-2024-8478 Affiliate Super Assistent <= 1.5.3 - Unauthenticated Arbitrary Shortcode Execution — Affiliate Super AssistentCWE-94 7.3 High2024-09-10
CVE-2024-6342 Zyxel NAS542和NAS326 操作系统命令注入漏洞 — NAS326 firmwareCWE-78 9.8 Critical2024-09-10
CVE-2024-44667 Haichangxing HCX H822 安全漏洞 — n/a 9.8AICriticalAI2024-09-10
CVE-2024-6796 Vulnerability in Baxter Connex Health Portal — Connex Health PortalCWE-284 8.2 High2024-09-09
CVE-2024-6795 Vulnerability in Baxter Connex Health Portal — Connex Health PortalCWE-89 10.0 Critical2024-09-09
CVE-2024-8584 LEARNING DIGITAL Orca HCM - Missing Authentication — Orca HCMCWE-306 9.8 Critical2024-09-09
CVE-2024-6928 Opti Marketing <= 2.0.9 - Unauthenticated SQLi — Opti Marketing 9.8AICriticalAI2024-09-08
CVE-2024-6924 TrueBooker < 1.0.3 - Multiple Unauthenticated SQLi — TrueBooker 9.8AICriticalAI2024-09-08
CVE-2024-40711 Veeam Backup & Replication 安全漏洞 — Backup and Recovery 9.8AICriticalAI2024-09-07
CVE-2024-6010 Cost Calculator Builder PRO <= 3.2.1 - Unauthenticated Price Manipulation — Cost Calculator Builder PROCWE-472 5.3 Medium2024-09-07
CVE-2024-1596 Ninja Forms File Uploads <= 3.3.16 - Unauthenticated Stored Cross-Site Scripting via File Upload — Ninja Forms - File UploadsCWE-79 7.2 High2024-09-07
CVE-2024-8517 SPIP Bigup Multipart File Upload OS Command Injection — SPIPCWE-73 9.8 Critical2024-09-06
CVE-2024-7493 WPCOM Member <= 1.5.2.1 - Unauthenticated Privilege Escalation via User Meta — WPCOM MemberCWE-269 9.8 Critical2024-09-06
CVE-2024-8292 WP-Recall – Registration, Profile, Commerce & More <= 16.26.8 - Insecure Direct Object Reference to Unauthenticated Arbitrary Password Update — WP-Recall – Registration, Profile, Commerce & MoreCWE-639 9.8 Critical2024-09-06
CVE-2024-7415 Remember Me Controls <= 2.0.1 - Unauthenticated Full Path Disclosure — Remember Me ControlsCWE-200 5.3 Medium2024-09-06
CVE-2024-7381 Geo Controller <= 8.6.9 - Missing Authorization to Unauthenticated Shortcode Execution — Geo ControllerCWE-862 5.3 Medium2024-09-05
CVE-2024-5957 Trellix IPS Manager 安全漏洞 — Intrusion Prevention System (IPS) ManagerCWE-305 6.3 Medium2024-09-05
CVE-2024-5956 Trellix IPS Manager 安全漏洞 — Intrusion Prevention System (IPS) ManagerCWE-305 6.5 Medium2024-09-05
CVE-2024-6332 Booking for Appointments and Events Calendar – Amelia Premium <= 7.7 and Lite <= 1.2.4 - Missing Authorization to Sensitive Information Exposure — Booking for Appointments and Events Calendar – AmeliaCWE-862 6.5 Medium2024-09-05

Vulnerabilities classified as access:pre-auth represent 18892 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.