Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18948

18948 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2024-21614 Junos OS and Junos OS Evolved: A specific query via DREND causes rpd crash — Junos OSCWE-754 7.5 High2024-01-12
CVE-2024-21613 Junos OS and Junos OS Evolved: A link flap causes patroot memory leak which leads to rpd crash — Junos OSCWE-401 6.5 Medium2024-01-12
CVE-2024-21612 Junos OS Evolved: Specific TCP traffic causes OFP core and restart of RE — Junos OS EvolvedCWE-228 7.5 High2024-01-12
CVE-2024-21611 Junos OS and Junos OS Evolved: In a jflow scenario continuous route churn will cause a memory leak and eventually an rpd crash — Junos OSCWE-401 7.5 High2024-01-12
CVE-2024-21607 Junos OS: MX Series and EX9200 Series: If the "tcp-reset" option used in an IPv6 filter, matched packets are accepted instead of rejected — Junos OSCWE-447 5.3 Medium2024-01-12
CVE-2024-21606 Junos OS: SRX Series: When "tcp-encap" is configured and specific packets are received flowd will crash — Junos OSCWE-415 7.5 High2024-01-12
CVE-2024-21604 Junos OS Evolved: A high rate of specific traffic will cause a complete system outage — Junos OS EvolvedCWE-770 7.5 High2024-01-12
CVE-2024-21602 Junos OS Evolved: ACX7024, ACX7100-32C and ACX7100-48L: Traffic stops when a specific IPv4 UDP packet is received by the RE — Junos OS EvolvedCWE-476 7.5 High2024-01-12
CVE-2024-21601 Junos OS: SRX Series: Due to an error in processing TCP events flowd will crash — Junos OSCWE-362 5.9 Medium2024-01-12
CVE-2024-21600 Junos OS: PTX Series: In an FTI scenario MPLS packets hitting reject next-hop will cause a host path wedge condition — Junos OSCWE-76 6.5 Medium2024-01-12
CVE-2024-21599 Junos OS: MX Series: MPC3E memory leak with PTP configuration — Junos OSCWE-401 6.5 Medium2024-01-12
CVE-2024-21597 Junos OS: MX Series: In an AF scenario traffic can bypass configured lo0 firewall filters — Junos OSCWE-668 5.3 Medium2024-01-12
CVE-2024-21596 Junos OS and Junos OS Evolved: A specific BGP UPDATE message will cause a crash in the backup Routing Engine in NSR-enabled devices — Junos OSCWE-122 5.3 Medium2024-01-12
CVE-2024-21595 Junos OS: EX4100, EX4400, EX4600, QFX5000 Series: A high rate of specific ICMP traffic will cause the PFE to hang — Junos OSCWE-1286 7.5 High2024-01-12
CVE-2024-21591 Junos OS: SRX Series and EX Series: Security Vulnerability in J-web allows a preAuth Remote Code Execution — Junos OSCWE-787 9.8 Critical2024-01-12
CVE-2024-21589 Paragon Active Assurance Control Center: Information disclosure vulnerability — Paragon Active AssuranceCWE-284 7.4 High2024-01-12
CVE-2024-21585 Junos OS and Junos OS Evolved: BGP session flaps on NSR-enabled devices can cause rpd crash — Junos OSCWE-755 5.9 Medium2024-01-12
CVE-2023-36842 Junos OS: jdhcpd will hang on receiving a specific DHCP packet — Junos OSCWE-703 6.5 Medium2024-01-12
CVE-2023-48166 Atos Unify OpenScape 安全漏洞 — n/a 7.5 -2024-01-12
CVE-2023-6242 EventON - WordPress Virtual Event Calendar Plugin Pro <= 4.5.4 & Free <= 2.2.7 - Cross-Site Request Forgery via evo_eventpost_update_meta — EventON – Events CalendarCWE-352 6.5 Medium2024-01-11
CVE-2023-6244 EventON - WordPress Virtual Event Calendar Plugin <= 4.5.4 (Pro) & <= 2.2.8 (Free) - Cross-Site Request Forgery via save_virtual_event_settings — EventON – Events CalendarCWE-352 6.5 Medium2024-01-11
CVE-2023-6582 ElementsKit Lite <= 3.0.3 - Unauthenticated Sensitive Information Exposure — ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for ElementorCWE-284 5.3 Medium2024-01-11
CVE-2023-6875 POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress <= 2.8.7 - Authorization Bypass via type connect-app API — Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile AppCWE-639 9.8 Critical2024-01-11
CVE-2023-4247 GiveWP <= 2.33.3 - Cross-Site Request Forgery to plugin deactivation — GiveWP – Donation Plugin and Fundraising PlatformCWE-352 5.4 Medium2024-01-11
CVE-2023-4246 GiveWP <= 2.33.3 - Cross-Site Request Forgery to plugin installation — GiveWP – Donation Plugin and Fundraising PlatformCWE-352 4.3 Medium2024-01-11
CVE-2023-6751 Hostinger <= 1.9.7 - Missing Authorization to Maintenance Mode Activation — Hostinger ToolsCWE-862 7.3 High2024-01-11
CVE-2023-6638 GTG Product Feed for Shopping <= 1.2.4 - Missing Authorization to Unauthenticated Plugin Settings Update — GG Woo Feed for WooCommerce Shopping Feed on Google and Other ChannelsCWE-862 6.5 Medium2024-01-11
CVE-2023-6737 Enable Media Replace <= 4.1.4 - Reflected Cross-Site Scripting — Enable Media ReplaceCWE-79 4.7 Medium2024-01-11
CVE-2023-7048 My Sticky Bar <= 2.6.6 - Cross-Site Request Forgery to Sensitive Information Exposure — My Sticky Bar – Floating Notification Bar & Sticky Header (formerly myStickymenu)CWE-352 3.1 Low2024-01-11
CVE-2023-6316 MW WP Form <= 5.0.1 - Unauthenticated Arbitrary File Upload — MW WP FormCWE-434 9.8 Critical2024-01-11

Vulnerabilities classified as access:pre-auth represent 18948 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.