Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19263

19263 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2020-35370 Raysync 代码注入漏洞 — n/a 8.8 -2020-12-23
CVE-2020-35665 铁威马 TerraMaster TOS 操作系统命令注入漏洞 — n/a 9.8 -2020-12-23
CVE-2020-24675 Weak Authentication in Symphony Plus — ABB Ability™ Symphony® Plus OperationsCWE-287 9.8 Critical2020-12-22
CVE-2020-27338 Treck TCP/IP 缓冲区错误漏洞 — n/a 5.9 Medium2020-12-22
CVE-2020-27337 Treck TCP/IP 缓冲区错误漏洞 — n/a 7.3 High2020-12-22
CVE-2020-27336 Treck TCP/IP 缓冲区错误漏洞 — n/a 3.7 Low2020-12-22
CVE-2020-14270 Hcl Technologies Domino 安全漏洞 — HCL Domino 5.3 -2020-12-22
CVE-2020-24579 D-link DSL-2888A 授权问题漏洞 — n/a 8.1 -2020-12-22
CVE-2020-14225 Hcl Technologies Inotes 安全漏洞 — HCL iNotes 6.5 -2020-12-21
CVE-2020-14224 HCL Notes 缓冲区错误漏洞 — HCL Notes 9.8 -2020-12-18
CVE-2020-14271 HCL iNotes 跨站脚本漏洞 — HCL iNotes 6.1 -2020-12-18
CVE-2020-4080 HCL Verse 跨站脚本漏洞 — HCL Verse 6.1 -2020-12-18
CVE-2020-20276 uftpd 缓冲区错误漏洞 — n/a 9.8 -2020-12-18
CVE-2020-20277 uftpd 路径遍历漏洞 — n/a 9.8 -2020-12-18
CVE-2020-27640 Mitel Networks Mitel MiVoice 安全漏洞 — n/a 6.5 -2020-12-18
CVE-2020-27639 Mitel Networks Mitel MiVoice 安全漏洞 — n/a 6.5 -2020-12-18
CVE-2020-8466 Trend Micro InterScan Web Security Virtual Appliance 命令注入漏洞 — Trend Micro InterScan Web Security Virtual Appliance 8.1 -2020-12-17
CVE-2020-28931 EPSON EPS TSE Server 跨站请求伪造漏洞 — n/a 8.8 -2020-12-16
CVE-2020-28929 EPSON EPS TSE Server 授权问题漏洞 — n/a 9.8 -2020-12-16
CVE-2020-5359 Dell BSAFE Micro Edition Suite 安全漏洞 — Dell BSAFE Micro Edition SuiteCWE-544 5.8 Medium2020-12-16
CVE-2020-5360 Dell BSAFE Micro Edition Suite 缓冲区错误漏洞 — Dell BSAFE Micro Edition SuiteCWE-127 7.5 High2020-12-16
CVE-2020-27147 TIBCO PartnerExpress REST API — TIBCO PartnerExpress 6.5 Medium2020-12-15
CVE-2019-19287 Siemens XHQ 信息泄露漏洞 — XHQCWE-23 7.5 -2020-12-14
CVE-2020-28861 Openasset 跨站脚本漏洞 — n/a 5.3 -2020-12-14
CVE-2020-16102 Gallagher Group Command Centre 访问控制错误漏洞 — Command CentreCWE-287 7.1 High2020-12-14
CVE-2020-14268 HCL Notes 缓冲区错误漏洞 — HCL Notes 9.8 -2020-12-14
CVE-2020-14244 IBM Domino 缓冲区错误漏洞 — HCL Domino 9.8 -2020-12-14
CVE-2020-29227 Sourcecodester Car Rental Management System 输入验证错误漏洞 — n/a 9.8 -2020-12-14
CVE-2020-29563 Western Digital My Cloud 授权问题漏洞 — n/a 9.8 -2020-12-11
CVE-2020-29574 Sophos Cyberoam OS SQL注入漏洞 — n/a 9.8 -2020-12-11

Vulnerabilities classified as access:pre-auth represent 19263 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.