Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19252

19252 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2023-44198 Junos OS: SRX Series and MX Series: SIP ALG doesn't drop specifically malformed retransmitted SIP packets — Junos OSCWE-754 5.8 Medium2023-10-12
CVE-2023-44197 Junos OS and Junos OS Evolved: An rpd crash may occur when BGP is processing newly learned routes — Junos OSCWE-787 7.5 High2023-10-12
CVE-2023-44196 Junos OS Evolved: PTX10003 Series: Packets which are not destined to the router can reach the RE — Junos OS EvolvedCWE-754 6.5 Medium2023-10-12
CVE-2023-44195 Junos OS Evolved: Packets which are not destined to the router can reach the RE — Junos OS EvolvedCWE-923 5.4 Medium2023-10-12
CVE-2023-44194 Junos OS: An unauthenticated attacker with local access to the device can create a backdoor with root privileges — Junos OSCWE-276 8.4 High2023-10-12
CVE-2023-44192 Junos OS: QFX5000 Series: DMA memory leak is observed when specific DHCP packets are transmitted over pseudo-VTEP — Junos OSCWE-20 7.5 High2023-10-12
CVE-2023-44191 Junos OS: QFX5000 Series and EX4000 Series: Denial of Service (DoS) on a large scale VLAN due to PFE hogging — Junos OSCWE-770 7.5 High2023-10-12
CVE-2023-44183 Junos OS: QFX5000 Series, EX4600 Series: In a VxLAN scenario an adjacent attacker within the VxLAN sending genuine packets may cause a DMA memory leak to occur. — Junos OSCWE-20 6.5 Medium2023-10-12
CVE-2023-36843 Junos OS: SRX Series: The PFE will crash on receiving malformed SSL traffic when Sky ATP is enabled — Junos OSCWE-168 7.5 High2023-10-12
CVE-2023-36841 Junos OS: MX Series: Receipt of malformed TCP traffic will cause a Denial of Service — Junos OSCWE-400 7.5 High2023-10-12
CVE-2023-36839 Junos OS and Junos OS Evolved: An l2cpd crash will occur when specific LLDP packets are received — Junos OSCWE-1284 6.5 Medium2023-10-12
CVE-2023-22392 Junos OS: PTX Series and QFX10000 Series: Received flow-routes which aren't installed as the hardware doesn't support them, lead to an FPC heap memory leak — Junos OSCWE-401 6.5 Medium2023-10-12
CVE-2023-27314 Denial of Service Vulnerability in ONTAP 9 — ONTAP 9CWE-400 7.5 High2023-10-12
CVE-2023-5531 Thumbnail Slider With Lightbox <= 1.0 - Cross-Site Request Forgery — Thumbnail Slider With LightboxCWE-352 4.3 Medium2023-10-12
CVE-2023-41261 Plixer Scrutinizer 授权问题漏洞 — n/a 7.5 -2023-10-12
CVE-2023-41262 Scrutinizer NetFlow & sFlow Analyzer SQL注入漏洞 — n/a 9.8 -2023-10-12
CVE-2023-41263 Scrutinizer NetFlow & sFlow Analyzer 日志信息泄露漏洞 — n/a 7.5 -2023-10-12
CVE-2023-45194 Micro Research MR-GM Series 信任管理问题漏洞 — MR-GM2 6.5 -2023-10-11
CVE-2023-4309 Election Services SQL注入漏洞 — Internet Election ServiceCWE-89 10.0 Critical2023-10-10
CVE-2023-42782 Fortinet FortiAnalyzer 数据伪造问题漏洞 — FortiAnalyzerCWE-345 5.0 Medium2023-10-10
CVE-2023-41675 Fortinet FortiOS 和 FortiProxy 资源管理错误漏洞 — FortiOSCWE-416 4.8 Medium2023-10-10
CVE-2023-30806 Sangfor Next-Gen Application Firewall PHPSESSID Command Injection — Net-Gen Application FirewallCWE-78 9.8 Critical2023-10-10
CVE-2023-30805 Sangfor Next-Gen Application Firewall Login Un Param Command Injection — Net-Gen Application FirewallCWE-78 9.8 Critical2023-10-10
CVE-2023-30804 Sangfor Next-Gen Application Firewall Authenticated File Disclosure — Net-Gen Application FirewallCWE-200 4.9 Medium2023-10-10
CVE-2023-30803 Sangfor Next-Gen Application Firewall Authentication Bypass — Net-Gen Application FirewallCWE-290 9.8 Critical2023-10-10
CVE-2023-30802 Sangfor Next-Gen Application Firewall Source Code Disclosure — Net-Gen Application FirewallCWE-540 5.3 Medium2023-10-10
CVE-2023-43625 Siemens Simcenter Amesim 代码注入漏洞 — Simcenter AmesimCWE-94 9.8 Critical2023-10-10
CVE-2023-43623 Siemens Mendix 安全漏洞 — Mendix Forgot Password (Mendix 10 compatible)CWE-203 5.3 Medium2023-10-10
CVE-2023-4469 Profile Extra Fields by BestWebSoft <= 1.2.7 - Missing Authorization to Sensitive Information Exposure — Profile Extra Fields by BestWebSoftCWE-862 5.3 Medium2023-10-06
CVE-2023-32485 Dell SmartFabric Storage Software 输入验证错误漏洞 — Dell SmartFabric Storage SoftwareCWE-20 9.8 Critical2023-10-05

Vulnerabilities classified as access:pre-auth represent 19252 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.