Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19401

19401 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2023-21825 Oracle E-Business Suite 安全漏洞 — iSupplier Portal 5.3 Medium2023-01-17
CVE-2022-3091 RONDS EPM 信息泄露漏洞 — Equipment Predictive Maintenance SolutionCWE-200 7.5 High2023-01-17
CVE-2022-45439 Zyxel AX7501-B0 安全漏洞 — AX7501-B0 firmwareCWE-312 6.5 Medium2023-01-17
CVE-2023-0122 Linux kernel 代码问题漏洞 — KernelCWE-476 7.5 -2023-01-17
CVE-2023-22278 Digital Arts m-FILTER 安全漏洞 — m-FILTER Ver.5 Series and Ver.4 Series 5.3 -2023-01-17
CVE-2023-22279 MAHO-PBX NetDevancer series 操作系统命令注入漏洞 — MAHO-PBX NetDevancer series 9.8 -2023-01-17
CVE-2023-22286 MAHO-PBX NetDevancer series 跨站请求伪造漏洞 — MAHO-PBX NetDevancer series 8.1 -2023-01-17
CVE-2023-22296 MAHO-PBX NetDevancer series 跨站脚本漏洞 — MAHO-PBX NetDevancer series 6.1 -2023-01-17
CVE-2023-22298 pgAdmin 输入验证错误漏洞 — pgAdmin 4 6.1 -2023-01-17
CVE-2023-22357 Omron CP1L-EL20DR-D 安全漏洞 — CP1L-EL20DR-D 9.8 -2023-01-17
CVE-2022-4447 Fontsy <= 1.8.6 - Multiple Unauthenticated SQLi — Fontsy 9.8 -2023-01-16
CVE-2022-4320 WordPress Events Calendar Plugin < 1.4.5 - Multiple Reflected XSS — WordPress Events Calendar Plugin 6.1 -2023-01-16
CVE-2022-4101 Images Optimize and Upload CF7 <= 2.1.4 - Unauthenticated Arbitrary File Deletion — Images Optimize and Upload CF7 9.1 -2023-01-16
CVE-2022-3904 MonsterInsights < 8.9.1 - Stored Cross-Site Scripting via Google Analytics — MonsterInsights 6.1 -2023-01-16
CVE-2022-45438 Apache Superset: Dashboard metadata information leak — Apache SupersetCWE-668 5.3 -2023-01-16
CVE-2023-23590 Mercedes-Benz XENTRY Retail Data Storage 安全漏洞 — n/a 7.5 -2023-01-15
CVE-2023-0294 Mediamatic – Media Library Folders <= 2.8.1 - Cross-Site Request Forgery — Mediamatic – Media Library FoldersCWE-352 8.8 High2023-01-13
CVE-2022-42275 NVIDIA BMC 访问控制错误漏洞 — NVIDIA DGX serversCWE-288 7.7 High2023-01-13
CVE-2022-4616 Delta Electronics DX-3021 命令注入漏洞 — 4G Router DX-3021CWE-77 7.2 High2023-01-12
CVE-2023-22600 InHand Networks InRouter302 安全漏洞 — InRouter 302CWE-284 10.0 Critical2023-01-12
CVE-2023-22391 Junos OS: ACX2K Series: Receipt of a high rate of specific traffic will lead to a Denial of Service (DoS) — Junos OSCWE-755 7.5 High2023-01-12
CVE-2023-22395 Junos OS: In an MPLS scenario the processing of specific packets to the device causes a buffer leak and ultimately a loss of connectivity — Junos OSCWE-401 6.5 Medium2023-01-12
CVE-2023-22396 Junos OS: Receipt of crafted TCP packets destined to the device results in MBUF leak leading to a Denial of Service (DoS) — Junos OSCWE-400 7.5 High2023-01-12
CVE-2023-22400 Junos OS Evolved: A specific SNMP GET operation and a specific CLI commands cause resources to leak and eventually the evo-pfemand process will crash — Junos OS EvolvedCWE-400 7.5 High2023-01-12
CVE-2023-22401 Junos OS and Junos OS Evolved: PTX10008, PTX10016: When a specific SNMP MIB is queried the FPC will crash — Junos OSCWE-129 7.5 High2023-01-12
CVE-2023-22402 Junos OS Evolved: The kernel might restart in a BGP scenario where "bgp auto-discovery" is enabled and such a neighbor flaps — Junos OS EvolvedCWE-416 5.9 Medium2023-01-12
CVE-2023-22403 Junos OS: QFX10K Series: An ICCP flap will be observed due to excessive specific traffic — Junos OSCWE-770 7.5 High2023-01-12
CVE-2023-22405 Junos OS: QFX5k Series, EX46xx Series: MAC limiting feature stops working after PFE restart or device reboot — Junos OSCWE-1250 6.5 Medium2023-01-12
CVE-2023-22406 Junos OS and Junos OS Evolved: A memory leak which will ultimately lead to an rpd crash will be observed when a peer interface flaps continuously in a Segment Routing scenario using OSPF — Junos OSCWE-401 6.5 Medium2023-01-12
CVE-2023-22407 Junos OS and Junos OS Evolved: An RPD crash can happen due to an MPLS TE tunnel configuration change on a directly connected router — Junos OSCWE-459 6.5 Medium2023-01-12

Vulnerabilities classified as access:pre-auth represent 19401 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.