Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19432

19432 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2022-1277 SQL Injection in Inavitas Solar Log — Inavitas Solar LogCWE-89 9.4 Critical2022-07-29
CVE-2022-30313 Honeywell Safety Manager 访问控制错误漏洞 — n/a 7.5 -2022-07-28
CVE-2022-30314 Honeywell Safety Manager 信任管理问题漏洞 — n/a 6.1 -2022-07-28
CVE-2022-30315 Honeywell Safety Manager 数据伪造问题漏洞 — n/a 6.8 -2022-07-28
CVE-2022-30316 Honeywell Safety Manager 数据伪造问题漏洞 — n/a 6.8 -2022-07-28
CVE-2022-27509 Unauthenticated redirection to a malicious website — Citrix Application Delivery Management (Citrix ADC) and Citrix Gateway 6.1 -2022-07-28
CVE-2022-36986 Veritas NetBackup 安全漏洞 — n/a 8.6 High2022-07-28
CVE-2022-36950 Veritas NetBackup 安全漏洞 — n/a 9.8 Critical2022-07-27
CVE-2022-36951 Veritas NetBackup 安全漏洞 — n/a 9.8 Critical2022-07-27
CVE-2022-36953 Veritas NetBackup 安全漏洞 — n/a 4.3 Medium2022-07-27
CVE-2021-38417 VISAM VBASE Editor Improper Access Control — VBASE Pro-RT/ Server-RT (Web Remote) 7.4 High2022-07-27
CVE-2022-36884 Jenkins Git Plugin 访问控制错误漏洞 — Jenkins Git Plugin 5.3 -2022-07-27
CVE-2022-36883 Jenkins Git Plugin 安全漏洞 — Jenkins Git Plugin 7.5 -2022-07-27
CVE-2022-36129 HashiCorp Vault 访问控制错误漏洞 — n/a 9.1 -2022-07-26
CVE-2022-29958 JTEKT TOYOPUC Products 数据伪造问题漏洞 — n/a 9.8 -2022-07-26
CVE-2022-33977 untangle 安全漏洞 — untangle 7.5 -2022-07-26
CVE-2022-31471 untangle 代码问题漏洞 — untangle 7.5 -2022-07-26
CVE-2022-30706 Twinkle Toes Software Booked 输入验证错误漏洞 — Booked 6.1 -2022-07-26
CVE-2022-34906 FileWave 信任管理问题漏洞 — n/a 9.1 -2022-07-25
CVE-2022-34907 FileWave 信任管理问题漏洞 — n/a 9.8 -2022-07-25
CVE-2022-33965 WordPress WP Visitor Statistics plugin <= 5.7 - Multiple Unauthenticated SQL Injection (SQLi) vulnerabilities — WP Visitor Statistics (WordPress plugin)CWE-89 9.3 Critical2022-07-25
CVE-2022-2240 Request a Quote <= 2.3.7 - CSV Injection — Request a QuoteCWE-1236 8.8 -2022-07-25
CVE-2022-0594 Shareaholic < 9.7.6 - Information Disclosure — Professional Social Sharing Buttons, Icons & Related Posts – ShareaholicCWE-863 5.3 -2022-07-25
CVE-2022-36444 Atos Unify OpenScape 安全漏洞 — n/a 8.6 High2022-07-25
CVE-2022-33901 WordPress MultiSafepay plugin for WooCommerce plugin <= 4.13.1 - Unauthenticated Arbitrary File Read vulnerability — MultiSafepay plugin for WooCommerce (WordPress plugin) 5.3 Medium2022-07-22
CVE-2021-36200 Metasys ADS/ADX/OAS with MUI — Metasys ADS/ADX/OAS serverCWE-306 5.3 Medium2022-07-22
CVE-2022-34487 WordPress Shortcode Addons plugin <= 3.0.2 - Unauthenticated Arbitrary Option Update vulnerability — Shortcode Addons (WordPress plugin)CWE-264 9.8 Critical2022-07-21
CVE-2022-33198 WordPress Accordions plugin <= 2.0.2 - Unauthenticated WordPress Options Change vulnerability — Accordions (WordPress plugin)CWE-264 9.8 Critical2022-07-21
CVE-2022-30628 Supersmart.me – Walk Through access to business information without authentication — Supersmart.me – Walk Through 4.8 Medium2022-07-21
CVE-2022-20916 Cisco IoT Control Center Cross-Site Scripting Vulnerability — Cisco IoT Control CenterCWE-80 6.1 Medium2022-07-21

Vulnerabilities classified as access:pre-auth represent 19432 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.