Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19393

19393 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-33925 cms-corephp SQL注入漏洞 — n/a 9.8 -2023-02-15
CVE-2022-22564 Dell EMC Unity 加密问题漏洞 — UnityCWE-327 5.9 Medium2023-02-14
CVE-2023-25614 SAP NetWeaver AS 跨站脚本漏洞 — NetWeaver AS ABAP (BSP Framework)CWE-79 6.1 Medium2023-02-14
CVE-2023-24522 SAP NetWeaver AS 跨站脚本漏洞 — NetWeaver AS ABAP (BSP Framework)CWE-79 6.1 Medium2023-02-14
CVE-2023-24521 SAP NetWeaver AS 跨站脚本漏洞 — NetWeaver AS ABAP (BSP Framework)CWE-79 6.1 Medium2023-02-14
CVE-2023-23860 SAP NetWeaver AS 输入验证错误漏洞 — NetWeaver AS for ABAP and ABAP PlatformCWE-601 6.1 Medium2023-02-14
CVE-2023-23859 SAP NetWeaver AS 跨站脚本漏洞 — NetWeaver AS for ABAP and ABAP PlatformCWE-79 6.1 Medium2023-02-14
CVE-2023-23858 SAP NetWeaver AS 跨站脚本漏洞 — SAP NetWeaver AS for ABAP and ABAP PlatformCWE-79 6.1 Medium2023-02-14
CVE-2023-23853 SAP NetWeaver Application Server 输入验证错误漏洞 — NetWeaver Application Server for ABAP and ABAP PlatformCWE-601 6.1 Medium2023-02-14
CVE-2023-22375 Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G 跨站请求伪造漏洞 — Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G 8.8 -2023-02-14
CVE-2023-22376 Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G 跨站脚本漏洞 — Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G 6.1 -2023-02-14
CVE-2023-0655 SonicWall Email 安全漏洞 — SonicWall Email SecurityCWE-209 5.3 -2023-02-14
CVE-2022-3891 WP FullCalendar < 1.5 - Unauthenticated Arbitrary Post Access — WP FullCalendar 5.3 -2023-02-13
CVE-2023-0159 Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated RCE — Extensive VC Addons for WPBakery page builder 7.5 -2023-02-13
CVE-2022-4445 FL3R FeelBox <= 8.1 - Unauthenticated SQLi — FL3R FeelBox 9.8 -2023-02-13
CVE-2022-45724 COMFAST CF-WR6110N 授权问题漏洞 — n/a 6.3 -2023-02-13
CVE-2022-48323 Sunlogin Sunflower Simplified 路径遍历漏洞 — n/a 9.8 -2023-02-13
CVE-2023-22367 Ichiran 信任管理问题漏洞 — Ichiran App for iOS and Ichiran App for Android 5.9 -2023-02-13
CVE-2023-22854 Mitel MiContact Center Business 安全漏洞 — n/a 7.5 -2023-02-13
CVE-2023-25717 Ruckus Wireless SmartZone 代码注入漏洞 — n/a 9.8 -2023-02-13
CVE-2023-25561 Login fail open on JAAS misconfiguration in DataHub — datahubCWE-755 5.7 Medium2023-02-10
CVE-2022-46675 Dell Wyse Management Suite 安全漏洞 — Wyse Management SuiteCWE-209 5.3 Medium2023-02-10
CVE-2022-34448 Dell PowerPath Management Appliance 跨站请求伪造漏洞 — PowerPath Management ApplianceCWE-352 8.8 High2023-02-10
CVE-2022-34444 Dell PowerScale OneFS 加密问题漏洞 — PowerScale OneFSCWE-327 5.9 Medium2023-02-10
CVE-2022-34389 Dell SupportAssist for Home PCs 安全漏洞 — SupportAssist CWE-307 3.7 Low2023-02-10
CVE-2022-24410 Dell BIOS 安全漏洞 — CPG BIOSCWE-200 6.8 Medium2023-02-10
CVE-2022-45699 APsystems Energy Communication Unit 操作系统命令注入漏洞 — n/a 9.8 -2023-02-10
CVE-2022-3568 ImageMagick Engine <= 1.7.5 - Cross-Site Request Forgery to PHAR Deserialization — ImageMagick EngineCWE-502 8.8 High2023-02-09
CVE-2023-24688 mojoPortal 安全漏洞 — n/a 5.3 -2023-02-09
CVE-2023-0726 Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_edit_folder — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-352 5.4 Medium2023-02-08

Vulnerabilities classified as access:pre-auth represent 19393 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.