Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19430

19430 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-46304 Siemens SICAM A8000 CP-8000 安全漏洞 — CP-8000 MASTER MODULE WITH I/O -25/+70°CCWE-284 7.5 -2022-08-10
CVE-2022-20827 Cisco Small Business RV Series Routers Vulnerabilities — Cisco Small Business RV Series Router FirmwareCWE-120 9.0 Critical2022-08-10
CVE-2022-20869 Cisco BroadWorks Application Delivery Platform Software Cross-Site Scripting Vulnerability — Cisco BroadWorksCWE-79 6.1 Medium2022-08-10
CVE-2022-20842 Cisco Small Business RV Series Routers Vulnerabilities — Cisco Small Business RV Series Router FirmwareCWE-120 9.0 Critical2022-08-10
CVE-2022-20841 Cisco Small Business RV Series Routers Vulnerabilities — Cisco Small Business RV Series Router FirmwareCWE-120 9.0 Critical2022-08-10
CVE-2022-31675 VMware vRealize Operations 安全漏洞 — VMware vRealize Operations 7.5 -2022-08-09
CVE-2022-23238 Netapp StorageGRID 安全漏洞 — StorageGRID (formerly StorageGRID Webscale) 6.5 -2022-08-09
CVE-2022-29083 Dell BIOS 授权问题漏洞 — CPG BIOSCWE-287 6.8 Medium2022-08-09
CVE-2022-32245 SAP BusinessObjects Business Intelligence Platform 安全漏洞 — SAP BusinessObjects Business Intelligence Platform (Open Document)CWE-319 8.2 -2022-08-09
CVE-2022-35293 SAP Enable Now Manager 安全漏洞 — SAP Enable Now ManagerCWE-862 9.1 -2022-08-09
CVE-2022-32429 MSNSwitch 授权问题漏洞 — n/a 9.8 -2022-08-09
CVE-2022-36264 Airspan AirSpot 5410 代码问题漏洞 — n/a 9.1 -2022-08-08
CVE-2022-36267 Airspan AirSpot 5410 安全漏洞 — n/a 9.8 -2022-08-08
CVE-2022-35487 Zammad 安全漏洞 — n/a 7.5 -2022-08-08
CVE-2022-2460 WPDating < 7.4.0 - Multiple Unauthenticated SQLi — WPDating 9.8 -2022-08-08
CVE-2022-2675 Unitree Go 1 "Robot Dog" Unauthenticated Remote Power Down — Go 1CWE-285 6.5 -2022-08-05
CVE-2022-2531 GitLab CE/EE 路径遍历漏洞 — GitLab 5.3 Medium2022-08-05
CVE-2022-36296 WordPress ActiveDEMAND plugin <= 0.2.27 - Broken Authentication vulnerability — ActiveDEMANDCWE-287 6.5 Medium2022-08-05
CVE-2022-35216 ITPison OMICARD EDM - Use of Hard-coded Credentials — OMICARD EDMCWE-22 7.5 High2022-08-04
CVE-2022-32965 ITPison OMICARD EDM - Use of Hard-coded Credentials — OMICARD EDMCWE-798 9.8 Critical2022-08-04
CVE-2022-32964 ITPison OMICARD EDM - SQL Injection — OMICARD EDMCWE-89 9.8 Critical2022-08-04
CVE-2022-32963 ITPison OMICARD EDM - Path Traversal-1 — OMICARD EDMCWE-22 7.5 High2022-08-04
CVE-2022-35223 EasyUse MailHunter Ultimate - Deserialization of Untrusted Data — MailHunter UltimateCWE-502 9.8 Critical2022-08-02
CVE-2022-35222 HiCOS Citizen verification component - Stack Buffer Overflow — HiCOS Citizen verification component - Stack Buffer OverflowCWE-787 6.8 Medium2022-08-02
CVE-2022-1950 Youzify < 1.2.0 - Unauthenticated SQLi — Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPressCWE-89 9.8 -2022-08-01
CVE-2022-1906 Copyright Proof <= 4.16 - Reflected Cross-Site-Scripting — Copyright ProofCWE-79 6.1 -2022-08-01
CVE-2022-27255 Realtek AP-Router SDK 输入验证错误漏洞 — n/a 9.8 -2022-08-01
CVE-2022-22280 SonicWALL Analytics On-Prem SQL注入漏洞 — SonicWall GMSCWE-89 9.8 -2022-07-29
CVE-2022-1277 SQL Injection in Inavitas Solar Log — Inavitas Solar LogCWE-89 9.4 Critical2022-07-29
CVE-2022-30313 Honeywell Safety Manager 访问控制错误漏洞 — n/a 7.5 -2022-07-28

Vulnerabilities classified as access:pre-auth represent 19430 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.