Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19518

19518 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2022-0867 ARPrice Lite < 3.6.1 - Unauthenticated SQLi — Pricing Table PluginCWE-89 9.8 -2022-05-16
CVE-2021-33009 mySCADA myPRO Unrestricted Upload of File with Dangerous Type — myPROCWE-434 7.5 High2022-05-13
CVE-2021-33005 mySCADA myPRO Path Traversal — myPROCWE-22 7.5 High2022-05-13
CVE-2021-22275 Denial of service vulnerability on Automation Runtime webserver — Automation Runtime webserverCWE-120 8.6 High2022-05-13
CVE-2022-29854 Mitel 6900 Series IP Phone MiNet 安全漏洞 — n/a 6.8 -2022-05-13
CVE-2020-22983 MicroStrategy Web SDK 代码问题漏洞 — n/a 8.1 -2022-05-13
CVE-2020-22985 MicroStrategy Web SDK 跨站脚本漏洞 — n/a 6.1 -2022-05-12
CVE-2020-22986 MicroStrategy Web SDK 跨站脚本漏洞 — n/a 6.1 -2022-05-12
CVE-2020-22987 MicroStrategy Web SDK 跨站脚本漏洞 — n/a 6.1 -2022-05-12
CVE-2020-22984 MicroStrategy Web SDK 跨站脚本漏洞 — n/a 6.1 -2022-05-12
CVE-2022-23166 Sysaid – Sysaid Local File Inclusion (LFI) — Sysaid 6.1 Medium2022-05-12
CVE-2022-0004 Intel Processors 安全特征问题漏洞 — Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT 6.8 -2022-05-12
CVE-2021-33082 多款Intel产品安全漏洞 — Intel(R) SSD and Intel(R) Optane(TM) SSD Products 4.6 -2022-05-12
CVE-2021-33074 多款Intel产品安全漏洞 — Intel(R) SSD, Intel(R) SSD DC and Intel(R) Optane(TM) SSD Products 4.6 -2022-05-12
CVE-2021-33080 多款Intel产品安全漏洞 — Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products 6.8 -2022-05-12
CVE-2021-33077 多款Intel产品安全漏洞 — Intel(R) SSD, Intel(R) Optane(TM) SSD and Intel(R) SSD DC Products 6.8 -2022-05-12
CVE-2021-33130 Intel RealSense ID Solution F450 安全漏洞 — Intel(R) RealSense(TM) ID Solution F450 4.6 -2022-05-12
CVE-2022-29538 RESI Gemini-Net 安全漏洞 — n/a 5.3 -2022-05-12
CVE-2022-29539 RESI Gemini-Net 操作系统命令注入漏洞 — n/a 9.8 -2022-05-12
CVE-2022-29855 Mitel 6900 SIP 安全漏洞 — n/a 6.8 -2022-05-11
CVE-2022-29847 Progress Software WhatsUp Gold 代码问题漏洞 — n/a 9.1 -2022-05-11
CVE-2022-29846 Progress Software WhatsUp Gold 信息泄露漏洞 — n/a 5.3 -2022-05-11
CVE-2021-43081 Fortinet FortiProxy SSL VPN跨站脚本漏洞 — Fortinet FortiProxy 6.1 Medium2022-05-11
CVE-2021-44167 Fortinet FortiClient 安全漏洞 — Fortinet FortiClientLinux 6.8 Medium2022-05-11
CVE-2022-29932 PRIMEUR SPAZIO 安全漏洞 — n/a 7.5 -2022-05-11
CVE-2022-30278 Black Duck Hub 跨站脚本漏洞 — Black Duck HubCWE-79 6.1 -2022-05-10
CVE-2022-1505 RSVPMaker <= 9.2.6 - Unauthenticated SQL Injection — RSVPMakerCWE-89 9.8 Critical2022-05-10
CVE-2022-1442 Metform Elementor Contact Form Builder <= 2.1.3 - Sensitive Information Disclosure — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for ElementorCWE-862 7.5 High2022-05-10
CVE-2022-1453 RSVPMaker <= 9.2.5 - Unauthenticated SQL Injection — RSVPMakerCWE-89 9.8 Critical2022-05-10
CVE-2022-22774 TIBCO Managed File Transfer Command Center XXE Vulnerability — TIBCO Managed File Transfer Command Center 8.6 High2022-05-10

Vulnerabilities classified as access:pre-auth represent 19518 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.