Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19401

19401 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2022-29830 Mitsubishi Electric GX Works3 信任管理问题漏洞 — GX Works3CWE-321 9.1 Critical2022-11-24
CVE-2022-29829 Mitsubishi Electric GX Works3 信任管理问题漏洞 — GX Works3CWE-321 6.8 Medium2022-11-24
CVE-2022-29828 Mitsubishi Electric GX Works3 信任管理问题漏洞 — GX Works3CWE-321 6.8 Medium2022-11-24
CVE-2022-29827 Mitsubishi Electric GX Works3 信任管理问题漏洞 — GX Works3CWE-321 6.8 Medium2022-11-24
CVE-2022-29826 Mitsubishi Electric GX Works3 安全漏洞 — GX Works3CWE-312 6.8 Medium2022-11-24
CVE-2022-29825 Mitsubishi Electric GX Works3 信任管理问题漏洞 — GX Works3CWE-259 5.6 Medium2022-11-24
CVE-2022-25164 Mitsubishi Electric GX Works3 安全漏洞 — GX Works3CWE-312 8.6 High2022-11-24
CVE-2022-40977 PILZ: PASvisu and PMI affected by ZipSlip — PASvisuCWE-22 7.5 High2022-11-24
CVE-2022-40976 PILZ: Multiple products affected by ZipSlip — PAScalCWE-22 5.5 Medium2022-11-24
CVE-2022-37772 Maarch RM 安全漏洞 — n/a 9.8 -2022-11-23
CVE-2022-41875 Remote Code Execution in Optica — opticaCWE-502 10.0 Critical2022-11-23
CVE-2022-45276 Yunjing Digital Technology YJCMS安全漏洞 — n/a 9.8 -2022-11-23
CVE-2020-23584 Optilink Network OP-XT71000N 命令注入漏洞 — n/a 9.8 -2022-11-23
CVE-2020-23586 Optilink Network OP-XT71000N 跨站请求伪造漏洞 — n/a 4.3 -2022-11-23
CVE-2020-23587 Optilink Network OP-XT71000N 跨站请求伪造漏洞 — n/a 5.3 -2022-11-23
CVE-2020-23588 Optilink Network OP-XT71000N 跨站请求伪造漏洞 — n/a 4.3 -2022-11-23
CVE-2020-23589 Optilink Network OP-XT71000N 跨站请求伪造漏洞 — n/a 6.5 -2022-11-23
CVE-2020-23590 Optilink Network OP-XT71000N 跨站请求伪造漏洞 — n/a 8.1 -2022-11-23
CVE-2020-23592 Optilink Network OP-XT71000N 跨站请求伪造漏洞 — n/a 8.8 -2022-11-23
CVE-2020-23593 Optilink Network OP-XT71000N 跨站请求伪造漏洞 — n/a 6.5 -2022-11-23
CVE-2022-37774 Maarch RM 授权问题漏洞 — n/a 5.3 -2022-11-22
CVE-2022-41326 Mitel MiCollab 安全漏洞 — n/a 9.8 -2022-11-22
CVE-2022-43685 CKAN 授权问题漏洞 — n/a 8.8 -2022-11-22
CVE-2022-0421 Five Star Restaurant Reservations < 2.4.12 - Unauthenticated Arbitrary Payment Status Update to Stored XSS — Five Star Restaurant Reservations 6.1 -2022-11-21
CVE-2022-3691 DeepL Pro API Translation < 1.7.5 - API Key Disclosure — DeepL Pro API translation plugin 7.5 -2022-11-21
CVE-2022-38755 Filr Remote unauthenticated user enumeration for versions prior to 4.3.1.1 — Micro Focus Filr 5.3 Medium2022-11-21
CVE-2022-44785 Maggioli SpA Appalti & Contratti SQL注入漏洞 — n/a 9.8 -2022-11-21
CVE-2020-23582 Optilink Network OP-XT71000N 跨站请求伪造漏洞 — n/a 6.5 -2022-11-21
CVE-2022-41618 WordPress Media Library Assistant plugin <= 3.00 - Unauthenticated Error Log Disclosure vulnerability — Media Library Assistant (WordPress plugin)CWE-200 3.7 Low2022-11-18
CVE-2022-24038 Unauthorized modification in Karmasis Informatics Infraskope SIEM+ — Infraskope SIEM+CWE-284 6.5 Medium2022-11-18

Vulnerabilities classified as access:pre-auth represent 19401 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.