Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19263

19263 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2023-32626 Logitec LAN 安全漏洞 — LAN-W300N/RS 9.8 -2023-08-18
CVE-2023-39415 Proself 授权问题漏洞 — Proself Enterprise/Standard Edition 9.1 -2023-08-18
CVE-2023-4040 WordPress plugin Stripe Payment Plugin for WooCommerce 安全漏洞 — Stripe Payment Plugin for WooCommerce 5.3 Medium2023-08-18
CVE-2023-36846 Junos OS: SRX Series: A vulnerability in J-Web allows an unauthenticated attacker to upload arbitrary files — Junos OSCWE-306 5.3 Medium2023-08-17
CVE-2023-36845 Junos OS: EX and SRX Series: A PHP vulnerability in J-Web allows an unauthenticated to control an important environment variable — Junos OSCWE-473 9.8 Critical2023-08-17
CVE-2023-36844 Junos OS: EX Series: A PHP vulnerability in J-Web allows an unauthenticated attacker to control important environment variables — Junos OSCWE-473 5.3 Medium2023-08-17
CVE-2023-36847 Junos OS: EX Series: A vulnerability in J-Web allows an unauthenticated attacker to upload arbitrary files — Junos OSCWE-306 5.3 Medium2023-08-17
CVE-2023-2917 Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability — ThinManager ThinServerCWE-20 9.8 Critical2023-08-17
CVE-2023-2915 Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability — ThinManager ThinServerCWE-20 7.5 High2023-08-17
CVE-2023-35009 IBM Cognos Analytics information disclosure — Cognos AnalyticsCWE-209 5.3 Medium2023-08-16
CVE-2023-20197 ClamAV 安全漏洞 — Cisco Secure EndpointCWE-835 7.5 High2023-08-16
CVE-2023-20232 Cisco Unified Contact Center Express 输入验证错误漏洞 — Cisco Unified Contact Center ExpressCWE-20 5.3 Medium2023-08-16
CVE-2023-20222 Cisco Evolved Programmable Network Manager 跨站脚本漏洞 — Cisco Prime InfrastructureCWE-80 4.8 Medium2023-08-16
CVE-2023-20221 Cisco IP Phone 跨站请求伪造漏洞 — Cisco IP Phones with Multiplatform FirmwareCWE-352 6.5 Medium2023-08-16
CVE-2023-20237 Cisco Intersight 命令注入漏洞 — Cisco Intersight Virtual ApplianceCWE-284 4.3 Medium2023-08-16
CVE-2023-20242 Cisco Unified Communications Manager 跨站脚本漏洞 — Cisco Unified Communications ManagerCWE-79 4.8 Medium2023-08-16
CVE-2023-20228 Cisco Integrated Management Controller 跨站脚本漏洞 — Cisco Identity Services Engine SoftwareCWE-80 6.1 Medium2023-08-16
CVE-2023-40349 Jenkins Plugin Gogs 安全漏洞 — Jenkins Gogs Plugin 7.5 -2023-08-16
CVE-2023-40348 Jenkins Plugin Gogs 安全漏洞 — Jenkins Gogs Plugin 5.3 -2023-08-16
CVE-2023-4308 User Submitted Posts <= 20230809 - Unauthenticated Stored Cross-Site Scripting via 'user-submitted-content' — User Submitted Posts – Enable Users to Submit Posts from the Front EndCWE-79 7.2 High2023-08-15
CVE-2022-32876 Apple macOS Ventura 安全漏洞 — macOS 6.2 -2023-08-14
CVE-2023-3435 User Activity Log < 1.6.5 - Unauthenticated SQLi — User Activity Log 9.8 -2023-08-14
CVE-2023-28768 Zyxel XGS2220-30 安全漏洞 — XGS2220-30 firmwareCWE-755 6.5 Medium2023-08-14
CVE-2023-3266 CyberPower PowerPanel Business Edition 安全漏洞 — PowerPanel EnterpriseCWE-358 9.8 Critical2023-08-14
CVE-2023-3265 Cyber Power Systems CyberPower PowerPanel Enterprise 安全漏洞 — PowerPanel EnterpriseCWE-150 9.8 Critical2023-08-14
CVE-2023-32748 Mitel MiVoice Connect 安全漏洞 — n/a 8.8 -2023-08-14
CVE-2023-40293 Harman Infotainment 命令注入漏洞 — n/a 9.8 -2023-08-14
CVE-2023-3452 Canto <= 3.0.4 - Unauthenticated Remote File Inclusion — CantoCWE-98 9.8 Critical2023-08-12
CVE-2022-29887 Intel Manageability Commander 跨站脚本漏洞 — Intel(R) Manageability Commander software 8.1 High2023-08-11
CVE-2023-27515 Intel Driver and Support Assistant 跨站脚本漏洞 — Intel(R) DSA software 8.1 High2023-08-11

Vulnerabilities classified as access:pre-auth represent 19263 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.