Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19284

19284 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2020-14224 HCL Notes 缓冲区错误漏洞 — HCL Notes 9.8 -2020-12-18
CVE-2020-14271 HCL iNotes 跨站脚本漏洞 — HCL iNotes 6.1 -2020-12-18
CVE-2020-4080 HCL Verse 跨站脚本漏洞 — HCL Verse 6.1 -2020-12-18
CVE-2020-20276 uftpd 缓冲区错误漏洞 — n/a 9.8 -2020-12-18
CVE-2020-20277 uftpd 路径遍历漏洞 — n/a 9.8 -2020-12-18
CVE-2020-27640 Mitel Networks Mitel MiVoice 安全漏洞 — n/a 6.5 -2020-12-18
CVE-2020-27639 Mitel Networks Mitel MiVoice 安全漏洞 — n/a 6.5 -2020-12-18
CVE-2020-8466 Trend Micro InterScan Web Security Virtual Appliance 命令注入漏洞 — Trend Micro InterScan Web Security Virtual Appliance 8.1 -2020-12-17
CVE-2020-28931 EPSON EPS TSE Server 跨站请求伪造漏洞 — n/a 8.8 -2020-12-16
CVE-2020-28929 EPSON EPS TSE Server 授权问题漏洞 — n/a 9.8 -2020-12-16
CVE-2020-5359 Dell BSAFE Micro Edition Suite 安全漏洞 — Dell BSAFE Micro Edition SuiteCWE-544 5.8 Medium2020-12-16
CVE-2020-5360 Dell BSAFE Micro Edition Suite 缓冲区错误漏洞 — Dell BSAFE Micro Edition SuiteCWE-127 7.5 High2020-12-16
CVE-2020-27147 TIBCO PartnerExpress REST API — TIBCO PartnerExpress 6.5 Medium2020-12-15
CVE-2019-19287 Siemens XHQ 信息泄露漏洞 — XHQCWE-23 7.5 -2020-12-14
CVE-2020-28861 Openasset 跨站脚本漏洞 — n/a 5.3 -2020-12-14
CVE-2020-16102 Gallagher Group Command Centre 访问控制错误漏洞 — Command CentreCWE-287 7.1 High2020-12-14
CVE-2020-14268 HCL Notes 缓冲区错误漏洞 — HCL Notes 9.8 -2020-12-14
CVE-2020-14244 IBM Domino 缓冲区错误漏洞 — HCL Domino 9.8 -2020-12-14
CVE-2020-29227 Sourcecodester Car Rental Management System 输入验证错误漏洞 — n/a 9.8 -2020-12-14
CVE-2020-29563 Western Digital My Cloud 授权问题漏洞 — n/a 9.8 -2020-12-11
CVE-2020-29574 Sophos Cyberoam OS SQL注入漏洞 — n/a 9.8 -2020-12-11
CVE-2020-29254 Tiki Wiki 跨站请求伪造漏洞 — n/a 8.8 -2020-12-11
CVE-2020-24633 Aruba Networks ArubaOS 安全漏洞 — Aruba 9000 Gateway 9.8 -2020-12-11
CVE-2020-7540 多款Schneider Electric产品访问控制错误漏洞 — Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)CWE-306 9.8 -2020-12-11
CVE-2020-24444 Blind SSRF in Forms add-on for AEM — Experience ManagerCWE-918 5.8 Medium2020-12-10
CVE-2020-26829 SAP Netweaver 授权问题漏洞 — SAP NetWeaver AS JAVA (P2P Cluster Communication) 10.0 -2020-12-09
CVE-2020-27902 Apple iOS和Apple iPadOS 授权问题漏洞 — iOS and iPadOS 4.6 -2020-12-08
CVE-2020-14207 WordPress plugin SQL注入漏洞 — n/a 5.3 -2020-12-08
CVE-2020-14206 WordPress DiveBook 跨站脚本漏洞 — n/a 6.1 -2020-12-08
CVE-2020-28946 Plum Ik-401 访问控制错误漏洞 — n/a 7.5 -2020-12-08

Vulnerabilities classified as access:pre-auth represent 19284 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.