Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19253

19253 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2017-15682 Crafter CMS 跨站脚本漏洞 — n/a 6.1 -2020-11-27
CVE-2017-15683 Crafter CMS 授权问题漏洞 — n/a 8.6 -2020-11-27
CVE-2017-15684 Crafter CMS Crafter Studio 路径遍历漏洞 — n/a 7.5 -2020-11-27
CVE-2017-15685 Crafter CMS 信息泄露漏洞 — n/a 8.6 -2020-11-27
CVE-2020-25014 Zyxel UTM 和 Zyxel Gateway VPN series 缓冲区错误漏洞 — n/a 9.8 -2020-11-27
CVE-2020-29138 Sagemcom F@ST3486 NET 授权问题漏洞 — n/a 5.3 -2020-11-27
CVE-2020-27251 Rockwell Automation FactoryTalk Linx 缓冲区错误漏洞 — FactoryTalk LinxCWE-122 9.8 -2020-11-26
CVE-2020-27255 Rockwell Automation FactoryTalk Linx 信息泄露漏洞 — FactoryTalk LinxCWE-122 7.5 -2020-11-26
CVE-2020-27253 Rockwell Automation FactoryTalk Linx 输入验证错误漏洞 — FactoryTalk LinxCWE-20 7.5 -2020-11-26
CVE-2020-26238 Critical vulnerability found in cron-utils — cron-utilsCWE-74 7.9 High2020-11-24
CVE-2020-28334 Barco wePresent WiPG-1600W 信任管理问题漏洞 — n/a 9.8 -2020-11-24
CVE-2020-28994 Luckypal Karenderia SQL注入漏洞 — n/a 9.1 -2020-11-24
CVE-2019-20925 Denial of service via malformed network packet — MongoDB ServerCWE-839 7.5 High2020-11-24
CVE-2020-6939 Tableau Software Server 授权问题漏洞 — Tableau Server 9.8 -2020-11-23
CVE-2020-12352 Linux kernel 信息泄露漏洞 — BlueZ 6.5 -2020-11-23
CVE-2020-12351 Linux kernel 输入验证错误漏洞 — BlueZ 8.8 -2020-11-23
CVE-2019-14587 EDK2 安全漏洞 — Extensible Firmware Interface Development Kit (EDK II) 6.5 -2020-11-23
CVE-2019-14559 EDK2 资源管理错误漏洞 — Extensible Firmware Interface Development Kit (EDK II) 7.5 -2020-11-23
CVE-2020-7925 Denial of Service when processing malformed Role names — MongoDB ServerCWE-475 7.5 High2020-11-23
CVE-2020-14230 HCL Technologies Domino 输入验证错误漏洞 — HCL Domino 7.5 -2020-11-21
CVE-2020-14258 HCL Software HCL Notes 输入验证错误漏洞 — HCL Notes 7.5 -2020-11-21
CVE-2020-25189 Paradox IP150 缓冲区错误漏洞 — IP150CWE-121 9.8 -2020-11-21
CVE-2020-5797 TP-Link Archer C9 后置链接漏洞 — TP-Link Archer C9 A1 6.1 -2020-11-21
CVE-2020-28845 Netskope 注入漏洞 — n/a 7.8 -2020-11-20
CVE-2020-5668 Mitsubishi Electric MELSEC iQ-R series 资源管理错误漏洞 — MELSEC iQ-R 7.5 -2020-11-20
CVE-2020-9049 victor Web Client and C•CURE Web Client JSON Web Token (JWT) Vulnerability — victor Web Client version 5.6 and priorCWE-285 7.1 High2020-11-19
CVE-2020-28574 Trend Micro Worry-Free Business Security 路径遍历漏洞 — Trend Micro Worry-Free Business Security 9.1 -2020-11-18
CVE-2020-28578 Trend Micro InterScan Web Security Virtual Appliance 缓冲区错误漏洞 — Trend Micro InterScan Web Security Virtual Appliance 9.8 -2020-11-18
CVE-2020-3586 Cisco DNA Spaces Connector Command Injection Vulnerability — Cisco DNA Spaces ConnectorCWE-78 9.4 Critical2020-11-18
CVE-2020-3531 Cisco IoT Field Network Director Unauthenticated REST API Vulnerability — Cisco IoT Field Network Director (IoT-FND)CWE-306 9.8 -2020-11-18

Vulnerabilities classified as access:pre-auth represent 19253 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.