Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19252

19252 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2023-22102 Oracle MySQL 安全漏洞 — MySQL Connectors 8.3 High2023-10-17
CVE-2023-22093 Oracle E-Business Suite 安全漏洞 — iRecruitment 6.5 Medium2023-10-17
CVE-2023-22089 Oracle Fusion Middleware 安全漏洞 — WebLogic Server 9.8 Critical2023-10-17
CVE-2023-22091 Oracle Java SE 安全漏洞 — GraalVM Enterprise Edition 4.8 Medium2023-10-17
CVE-2023-22086 Oracle Fusion Middleware 安全漏洞 — WebLogic Server 7.5 High2023-10-17
CVE-2023-22083 Oracle Communications 安全漏洞 — Enterprise Communications Broker 4.3 Medium2023-10-17
CVE-2023-22080 Oracle PeopleSoft Enterprise PeopleTools 安全漏洞 — PeopleSoft Enterprise PT PeopleTools 6.1 Medium2023-10-17
CVE-2023-22081 Oracle Java SE 安全漏洞 — Java SE JDK and JRE 5.3 Medium2023-10-17
CVE-2023-22076 Oracle E-Business Suite 安全漏洞 — Applications Framework 6.1 Medium2023-10-17
CVE-2023-22072 Oracle Fusion Middleware 安全漏洞 — WebLogic Server 9.8 Critical2023-10-17
CVE-2023-22073 Oracle Database Server 安全漏洞 — Database - Enterprise Edition 4.3 Medium2023-10-17
CVE-2023-22069 Oracle Fusion Middleware 安全漏洞 — WebLogic Server 9.8 Critical2023-10-17
CVE-2023-22067 Oracle Java SE 安全漏洞 — Java SE JDK and JRE 5.3 Medium2023-10-17
CVE-2023-22029 Oracle Commerce 安全漏洞 — Commerce Guided Search / Oracle Commerce Experience Manager 6.1 Medium2023-10-17
CVE-2023-22025 Oracle Java SE 安全漏洞 — Java SE JDK and JRE 3.7 Low2023-10-17
CVE-2023-22019 Oracle Fusion Middleware 安全漏洞 — HTTP Server 7.5 High2023-10-17
CVE-2023-39902 NXP Semiconductors i.MX 8M 安全漏洞 — n/a 7.0 High2023-10-17
CVE-2023-45131 Unauthenticated access to new private chat messages in Discourse — discourseCWE-200 7.5 High2023-10-16
CVE-2023-5089 Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page) — Defender Security 6.1 -2023-10-16
CVE-2023-4933 WP Job Openings < 3.4.3 - Sensitive Data Exposure via Directory Listing — WP Job Openings 7.5 -2023-10-16
CVE-2023-4666 Form-Maker < 1.15.20 - Unauthenticated Arbitrary File Upload — Form Maker by 10Web 9.8 -2023-10-16
CVE-2023-5561 WordPress < 6.3.2 - Unauthenticated Post Author Email Disclosure — WordPress 5.3 -2023-10-16
CVE-2023-4687 PageLayer < 1.7.7 - Unauthenticated Stored XSS — Page Builder: Pagelayer 5.3 -2023-10-16
CVE-2023-4950 Funnelforms Free < 3.4 Unauthenticated Stored Cross-Site Scripting — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor 6.1 -2023-10-16
CVE-2023-4620 Booking Calendar < 9.7.3.1 - Unauthenticated Stored XSS — Booking Calendar 5.4 -2023-10-16
CVE-2023-45852 Viessmann Vitogate 命令注入漏洞 — n/a 9.8 -2023-10-14
CVE-2023-29464 Rockwell Automation FactoryTalk Linx Vulnerable to Denial-of-Service and Information Disclosure — FactoryTalk Linx CWE-20 8.2 High2023-10-13
CVE-2023-4562 Information Disclosure, Information Tampering and Authentication Bypass Vulnerability in MELSEC-F Series main module — MELSEC-F Series FX3U-16MT/ESCWE-287 9.1 Critical2023-10-13
CVE-2023-44204 Junos OS and Junos OS Evolved: The rpd will crash upon receiving a malformed BGP UPDATE message — Junos OSCWE-1286 6.5 Medium2023-10-12
CVE-2023-44199 Junos OS: MX Series: In a PTP scenario a prolonged routing protocol churn can trigger an FPC reboot — Junos OSCWE-754 7.5 High2023-10-12

Vulnerabilities classified as access:pre-auth represent 19252 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.