Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18948

18948 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2024-0250 Analytics Insights for Google Analytics 4 < 6.3 - Open Redirect — Analytics Insights for Google Analytics 4 (AIWP) 6.1 -2024-02-12
CVE-2024-0421 MapPress Maps for WordPress < 2.88.16 - Unauthenticated Arbitrary Private/Draft Post Disclosure — MapPress Maps for WordPress 5.3 -2024-02-12
CVE-2023-50292 Apache Solr: Solr Schema Designer blindly "trusts" all configsets, possibly leading to RCE by unauthenticated users — Apache SolrCWE-732 9.8 -2024-02-09
CVE-2024-0842 Backuply - Backup, Restore, Migrate and Clone <= 1.2.6 - Denial of Service — Backuply – Backup, Restore, Migrate and CloneCWE-400 7.5 High2024-02-09
CVE-2024-1122 Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin <= 3.3.50 - Missing Authorization to Unauthenticated Events Export — Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered)CWE-862 5.3 Medium2024-02-09
CVE-2023-43609 Emerson Rosemount GC370XA, GC700XA, GC1500XA Improper Authorization — Rosemount GC370XACWE-863 6.9 Medium2024-02-09
CVE-2023-46687 Emerson Rosemount GC370XA, GC700XA, GC1500XA Command Injection — Rosemount GC370XACWE-77 9.8 Critical2024-02-09
CVE-2023-51761 Emerson Rosemount GC370XA, GC700XA, GC1500XA Improper Authentication — Rosemount GC370XACWE-863 8.3 High2024-02-09
CVE-2024-0965 Simple Page Access Restriction <= 1.0.21 - Improper Access Control to Sensitive Information Exposure via REST API — Simple Page Access RestrictionCWE-284 5.3 Medium2024-02-08
CVE-2024-1207 Booking Calendar <= 9.9 - Unauthenticated SQL Injection — Booking CalendarCWE-89 9.8 Critical2024-02-08
CVE-2024-0511 Royal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via wpr_update_form_action_meta — Royal Addons for Elementor – Addons and Templates Kit for ElementorCWE-352 4.3 Medium2024-02-08
CVE-2023-40262 Atos Unify OpenScape 跨站脚本漏洞 — n/a 6.1 -2024-02-08
CVE-2024-23756 Plone 安全漏洞 — n/a 9.1 -2024-02-08
CVE-2023-6536 Kernel: null pointer dereference in __nvmet_req_complete — Red Hat Enterprise Linux 8CWE-476 6.5 Medium2024-02-07
CVE-2023-6356 Kernel: null pointer dereference in nvmet_tcp_build_iovec — Red Hat Enterprise Linux 8CWE-476 6.5 Medium2024-02-07
CVE-2023-6535 Kernel: null pointer dereference in nvmet_tcp_execute_request — Red Hat Enterprise Linux 8CWE-476 6.5 Medium2024-02-07
CVE-2024-20290 Cisco Secure Endpoint 缓冲区错误漏洞 — Cisco Secure EndpointCWE-126 7.5 High2024-02-07
CVE-2024-20255 Cisco Expressway Series 跨站请求伪造漏洞 — Cisco TelePresence Video Communication Server (VCS) ExpresswayCWE-352 8.2 High2024-02-07
CVE-2024-20254 Cisco Expressway Series 跨站请求伪造漏洞 — Cisco TelePresence Video Communication Server (VCS) ExpresswayCWE-352 9.6 Critical2024-02-07
CVE-2024-20252 Cisco Expressway Series 跨站请求伪造漏洞 — Cisco TelePresence Video Communication Server (VCS) ExpresswayCWE-352 9.6 Critical2024-02-07
CVE-2024-24811 Products.SQLAlchemyDA vulnerable to unauthenticated arbitrary SQL query execution — Products.SQLAlchemyDACWE-89 9.8 Critical2024-02-07
CVE-2024-1109 Podlove Podcast Publisher <= 4.0.11 - Missing Authorization to Unauthenticated Data Export — Podlove Podcast PublisherCWE-862 5.3 Medium2024-02-07
CVE-2024-1110 Podlove Podcast Publisher <= 4.0.11 - Missing Authorization to Settings Import — Podlove Podcast PublisherCWE-862 5.3 Medium2024-02-07
CVE-2024-1079 Quiz Maker <= 6.5.2.4 - Missing Authorization to Unauthenticated Quiz Data Retrieval — Quiz MakerCWE-862 5.3 Medium2024-02-07
CVE-2024-1037 All-In-One Security (AIOS) – Security and Firewall <= 5.2.5 - Reflected Cross-Site Scripting — All-In-One Security (AIOS) – Security and FirewallCWE-79 6.1 Medium2024-02-07
CVE-2024-23304 Cybozu KUNAI 安全漏洞 — Cybozu KUNAI for Android 7.5 -2024-02-06
CVE-2023-46359 eCharge Hardy Barth eCharge Ladestation 安全漏洞 — n/a 9.8 -2024-02-06
CVE-2023-6557 The Events Calendar <= 6.2.8.2 - Unauthenticated Sensitive Information Exposure — The Events CalendarCWE-862 5.3 Medium2024-02-05
CVE-2024-0701 UserPro <= 5.1.6 - Disabled Membership Registration Bypass — UserPro - Community and User Profile WordPress PluginCWE-602 5.3 Medium2024-02-05
CVE-2024-0969 ARMember <= 4.0.24 - Improper Access Control to Sensitive Information Exposure via REST API — ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signupCWE-284 5.3 Medium2024-02-05

Vulnerabilities classified as access:pre-auth represent 18948 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.