Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19393

19393 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2022-41217 Cloudflow - Unauthenticated file upload vulnerability — CloudflowCWE-434 9.8 Critical2023-02-22
CVE-2023-22974 OpenEMR 安全漏洞 — n/a 7.5 -2023-02-22
CVE-2023-0942 Japanized For WooCommerce <= 2.5.4 - Reflected Cross-Site Scripting — Japanized for WooCommerceCWE-79 6.1 Medium2023-02-21
CVE-2023-24320 Axcora POS 安全漏洞 — n/a 9.8 -2023-02-21
CVE-2023-23695 Dell EMC Secure Connect Gateway 加密问题漏洞 — Secure Connect Gateway (SCG) 5.0 Appliance - SRSCWE-327 5.9 Medium2023-02-17
CVE-2023-21593 Adobe InDesign SVG file NULL Pointer Dereference Application denial-of-service — InDesignCWE-476 5.5 Medium2023-02-17
CVE-2022-20803 ClamAV Double-free Vulnerability in the OLE2 File Parser — ClamAVCWE-415 8.6 High2023-02-17
CVE-2022-35729 Intel Integrated Baseboard Management Controller 缓冲区错误漏洞 — OpenBMC 7.5 High2023-02-16
CVE-2022-30692 Intel SUR 代码问题漏洞 — Intel(R) SUR software 5.9 Medium2023-02-16
CVE-2022-33964 Intel SUR 输入验证错误漏洞 — Intel(R) SUR software 7.4 High2023-02-16
CVE-2022-29514 Intel SUR 安全漏洞 — Intel(R) SUR software 7.7 High2023-02-16
CVE-2022-25987 Intel(R) oneAPI DPC++/C++ Compiler 安全漏洞 — Intel(R) C++ Compiler Classic 8.3 High2023-02-16
CVE-2022-26843 Intel(R) oneAPI DPC++/C++ Compiler 安全漏洞 — Intel(R) oneAPI DPC++/C++ Compiler 8.3 High2023-02-16
CVE-2022-39952 Fortinet FortiNAC 安全漏洞 — FortiNACCWE-73 9.8 Critical2023-02-16
CVE-2022-41334 Fortinet FortiOS 跨站脚本漏洞 — FortiOSCWE-79 8.6 High2023-02-16
CVE-2022-39948 Fortinet FortiOS 信任管理问题漏洞 — FortiProxyCWE-295 4.4 Medium2023-02-16
CVE-2022-30304 Fortinet FortiWeb 跨站脚本漏洞 — FortiAnalyzerCWE-79 4.2 Medium2023-02-16
CVE-2022-38375 Fortinet FortiNAC 安全漏洞 — FortiNACCWE-285 8.6 Critical2023-02-16
CVE-2021-42756 Fortinet FortiWeb 缓冲区错误漏洞 — FortiWebCWE-121 9.3 Critical2023-02-16
CVE-2021-42761 Fortinet FortiWeb 授权问题漏洞 — FortiWebCWE-384 8.5 Critical2023-02-16
CVE-2023-20085 Cisco Identity Services Engine 跨站脚本漏洞 — Cisco Identity Services Engine SoftwareCWE-79 6.1 Medium2023-02-16
CVE-2023-20053 Cisco Nexus Dashboard 跨站脚本漏洞 — Cisco Nexus DashboardCWE-79 6.1 Medium2023-02-16
CVE-2022-20952 Cisco Secure Web Appliance 输入验证错误漏洞 — Cisco Secure Web ApplianceCWE-20 5.3 Medium2023-02-16
CVE-2023-20052 ClamAV 安全漏洞 — Cisco Secure EndpointCWE-611 5.3 Medium2023-02-16
CVE-2023-20014 Cisco Nexus Dashboard 资源管理错误漏洞 — Cisco Nexus DashboardCWE-399 7.5 High2023-02-16
CVE-2023-20032 ClamAV 缓冲区错误漏洞 — Cisco Secure Web ApplianceCWE-120 9.8 Critical2023-02-16
CVE-2022-27891 Palantir Gotham included an unauthenticated endpoint that listed all active usernames in the platform with an active session. — GothamCWE-200 5.3 Medium2023-02-16
CVE-2022-27892 Palantir Gotham included an endpoint that would log arbitrary sized payloads. — GothamCWE-20 5.3 Medium2023-02-16
CVE-2022-27897 Palantir Gotham included an endpoint that would log arbitrary sized zip files. — GothamCWE-20 5.3 Medium2023-02-16
CVE-2023-25578 Starlite DoS vulnerability when parsing multipart request body — starliteCWE-770 7.5 High2023-02-15

Vulnerabilities classified as access:pre-auth represent 19393 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.