Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19284

19284 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2023-35009 IBM Cognos Analytics information disclosure — Cognos AnalyticsCWE-209 5.3 Medium2023-08-16
CVE-2023-20197 ClamAV 安全漏洞 — Cisco Secure EndpointCWE-835 7.5 High2023-08-16
CVE-2023-20232 Cisco Unified Contact Center Express 输入验证错误漏洞 — Cisco Unified Contact Center ExpressCWE-20 5.3 Medium2023-08-16
CVE-2023-20222 Cisco Evolved Programmable Network Manager 跨站脚本漏洞 — Cisco Prime InfrastructureCWE-80 4.8 Medium2023-08-16
CVE-2023-20221 Cisco IP Phone 跨站请求伪造漏洞 — Cisco IP Phones with Multiplatform FirmwareCWE-352 6.5 Medium2023-08-16
CVE-2023-20237 Cisco Intersight 命令注入漏洞 — Cisco Intersight Virtual ApplianceCWE-284 4.3 Medium2023-08-16
CVE-2023-20242 Cisco Unified Communications Manager 跨站脚本漏洞 — Cisco Unified Communications ManagerCWE-79 4.8 Medium2023-08-16
CVE-2023-20228 Cisco Integrated Management Controller 跨站脚本漏洞 — Cisco Identity Services Engine SoftwareCWE-80 6.1 Medium2023-08-16
CVE-2023-40349 Jenkins Plugin Gogs 安全漏洞 — Jenkins Gogs Plugin 7.5 -2023-08-16
CVE-2023-40348 Jenkins Plugin Gogs 安全漏洞 — Jenkins Gogs Plugin 5.3 -2023-08-16
CVE-2023-4308 User Submitted Posts <= 20230809 - Unauthenticated Stored Cross-Site Scripting via 'user-submitted-content' — User Submitted Posts – Enable Users to Submit Posts from the Front EndCWE-79 7.2 High2023-08-15
CVE-2022-32876 Apple macOS Ventura 安全漏洞 — macOS 6.2 -2023-08-14
CVE-2023-3435 User Activity Log < 1.6.5 - Unauthenticated SQLi — User Activity Log 9.8 -2023-08-14
CVE-2023-28768 Zyxel XGS2220-30 安全漏洞 — XGS2220-30 firmwareCWE-755 6.5 Medium2023-08-14
CVE-2023-3266 CyberPower PowerPanel Business Edition 安全漏洞 — PowerPanel EnterpriseCWE-358 9.8 Critical2023-08-14
CVE-2023-3265 Cyber Power Systems CyberPower PowerPanel Enterprise 安全漏洞 — PowerPanel EnterpriseCWE-150 9.8 Critical2023-08-14
CVE-2023-32748 Mitel MiVoice Connect 安全漏洞 — n/a 8.8 -2023-08-14
CVE-2023-40293 Harman Infotainment 命令注入漏洞 — n/a 9.8 -2023-08-14
CVE-2023-3452 Canto <= 3.0.4 - Unauthenticated Remote File Inclusion — CantoCWE-98 9.8 Critical2023-08-12
CVE-2022-29887 Intel Manageability Commander 跨站脚本漏洞 — Intel(R) Manageability Commander software 8.1 High2023-08-11
CVE-2023-27515 Intel Driver and Support Assistant 跨站脚本漏洞 — Intel(R) DSA software 8.1 High2023-08-11
CVE-2023-28380 Intel AI Hackathon 代码问题漏洞 — Intel(R) AI Hackathon software 8.8 High2023-08-11
CVE-2023-25775 Intel Ethernet Controllers 安全漏洞 — Intel(R) Ethernet Controller RDMA driver for linux 5.6 Medium2023-08-11
CVE-2022-36392 Intel AMT SDK 安全漏洞 — Intel(R) AMT and Intel(R) Standard Manageability in Intel (R) CSME 8.6 High2023-08-11
CVE-2022-36351 Intel PROSet/Wireless WiFi Software 安全漏洞 — Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software 4.3 Medium2023-08-11
CVE-2023-32563 Ivanti Avalanche 路径遍历漏洞 — Avalanche 9.8 -2023-08-10
CVE-2023-39959 Existence of calendars and address books can be checked by unauthenticated users — security-advisoriesCWE-284 3.5 Low2023-08-10
CVE-2023-38210 Other | Uncontrolled Resource Consumption (CWE-400) — XMP ToolkitCWE-400 5.5 Medium2023-08-10
CVE-2023-38245 Adobe Acrobat Reader DC ActiveX Control (AxAcroPDFLib.AxAcroPDF) src NTLMv2 SSO Hash Theft Vulnerability — Acrobat ReaderCWE-200 5.5 Medium2023-08-10
CVE-2023-4276 Absolute Privacy <= 2.1 - Cross-Site Request Forgery to User Email/Password Change — Absolute PrivacyCWE-352 8.8 High2023-08-10

Vulnerabilities classified as access:pre-auth represent 19284 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.