Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18893

18893 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2024-6828 Redux Framework 4.4.12 - 4.4.17 - Unauthenticated JSON File Upload to Stored Cross-Site Scripting — Redux FrameworkCWE-434 7.2 High2024-07-23
CVE-2024-6911 Unauthenticated Local File Inclusion — ProcessPlusCWE-552 7.5AIHighAI2024-07-22
CVE-2024-40634 Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint — argo-cdCWE-400 7.5 High2024-07-22
CVE-2024-39601 Siemens CPCI85 Central Processing和SICORE Base system 访问控制错误漏洞 — CPCI85 Central Processing/CommunicationCWE-306 6.5 Medium2024-07-22
CVE-2024-34329 Entrust Datacard XPS Card Printer Driver 安全漏洞 — n/a 7.8AIHighAI2024-07-22
CVE-2024-39250 EfroTech Timetrax 安全漏洞 — n/a 9.8AICriticalAI2024-07-22
CVE-2024-6636 WooCommerce - Social Login <= 2.7.3 - Missing Authorization to Unauthenticated Privilege Escalation — WooCommerce - Social LoginCWE-862 9.8 Critical2024-07-20
CVE-2024-6635 WooCommerce - Social Login <= 2.7.3 - Unauthenticated Authentication Bypass — WooCommerce - Social LoginCWE-288 7.3 High2024-07-20
CVE-2024-6637 WooCommerce - Social Login <= 2.7.3 - Unauthenticated Privilege Escalation via One-Time Password — WooCommerce - Social LoginCWE-305 7.3 High2024-07-20
CVE-2024-6560 Addonify – Quick View For WooCommerce <= 1.2.16 - Unauthenticated Full Path Dislcosure — Addonify – Quick View For WooCommerceCWE-200 5.3 Medium2024-07-20
CVE-2024-5804 Conditional Fields for Contact Form 7 <= 2.4.13 - Cross-Site Request Forgery to Plugin Setting Reset — Conditional Fields for Contact Form 7CWE-352 4.3 Medium2024-07-20
CVE-2024-40348 Bazarr 安全漏洞 — n/a 7.5 -2024-07-20
CVE-2024-6205 PayPlus Payment Gateway < 6.6.9 - Unauthenticated SQLi — PayPlus Payment Gateway 9.8 -2024-07-19
CVE-2024-6455 ElementsKit Elementor addons <= 3.2.0 - Unauthenticated Information Exposure via ekit_widgetarea_content Function — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-200 5.3 Medium2024-07-18
CVE-2024-40764 SonicWALL SonicOS IPSec VPN 安全漏洞 — SonicOSCWE-122 9.1AICriticalAI2024-07-18
CVE-2024-6164 Filter & Grids < 2.8.33 - Unauthenticated LFI — Filter & Grids 9.8AICriticalAI2024-07-18
CVE-2024-20396 Cisco Webex 安全漏洞 — Cisco Webex TeamsCWE-200 5.3 Medium2024-07-17
CVE-2024-20395 Cisco Webex 安全漏洞 — Cisco Webex TeamsCWE-523 6.4 Medium2024-07-17
CVE-2024-20400 Cisco Expressway Series 安全漏洞 — Cisco TelePresence Video Communication Server (VCS) ExpresswayCWE-601 4.7 Medium2024-07-17
CVE-2024-20323 Cisco Intelligent Node 安全漏洞 — Cisco Intelligent Node ManagerCWE-321 7.5 High2024-07-17
CVE-2024-20419 Cisco Smart Software Manager On-Prem 安全漏洞 — Cisco Smart Software Manager On-PremCWE-620 10.0 Critical2024-07-17
CVE-2024-20401 Cisco Secure Email 安全漏洞 — Cisco Secure EmailCWE-36 9.8 Critical2024-07-17
CVE-2024-23470 SolarWinds Access Rights Manager (ARM) UserScriptHumster Exposed Dangerous Method Remote Command Execution Vulnerability — Access Rights ManagerCWE-287 9.6 Critical2024-07-17
CVE-2024-23467 SolarWinds Access Rights Manager Directory Traversal Remote Code Execution Vulnerability — Access Rights ManagerCWE-22 9.6 Critical2024-07-17
CVE-2024-23466 SolarWinds Access Rights Manager Directory Traversal Remote Code Execution Vulnerability — Access Rights ManagerCWE-22 9.6 Critical2024-07-17
CVE-2024-23465 SolarWinds Access Rights Manager (ARM) ChangeHumster Exposed Dangerous Method Authentication Bypass Vulnerability — Access Rights ManagerCWE-287 8.3 High2024-07-17
CVE-2024-23469 SolarWinds Access Rights Manager Exposed Dangerous Method Remote Code Execution Vulnerability — Access Rights ManagerCWE-20 9.6 Critical2024-07-17
CVE-2024-23475 SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability — Access Rights ManagerCWE-22 9.6 Critical2024-07-17
CVE-2024-28993 SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability — Access Rights ManagerCWE-22 7.6 High2024-07-17
CVE-2024-28992 SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability — Access Rights ManagerCWE-287 7.6 High2024-07-17

Vulnerabilities classified as access:pre-auth represent 18893 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.