19252 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.
The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-8746 | 多款Intel产品输入验证错误漏洞 — Intel(R) AMT | 6.5 | - | 2020-11-12 |
| CVE-2020-8755 | Intel CSME和Intel SPS 竞争条件问题漏洞 — Intel(R) CSME, Intel(R) SPS | 6.4 | - | 2020-11-12 |
| CVE-2020-8747 | Intel AMT 缓冲区错误漏洞 — Intel(R) AMT | 9.1 | - | 2020-11-12 |
| CVE-2020-8761 | Intel CSME 加密问题漏洞 — Intel(R) CSME | 4.6 | - | 2020-11-12 |
| CVE-2020-8754 | Intel Active Management Technology 缓冲区错误漏洞 — Intel(R) AMT, Intel(R) ISM | 7.5 | - | 2020-11-12 |
| CVE-2020-8751 | Intel TXE和Intel Converged Security and Management Engine 信息泄露漏洞 — Intel(R) CSME, Intel(R) TXE | 4.6 | - | 2020-11-12 |
| CVE-2020-12355 | Intel TXE 安全漏洞 — Intel(R) TXE | 6.8 | - | 2020-11-12 |
| CVE-2020-8705 | 多款Intel产品安全漏洞 — Intel(R) Boot Guard, Intel(R) CSME, Intel(R) TXE, Intel(R) SPS | 6.8 | - | 2020-11-12 |
| CVE-2020-8745 | Intel TXE 安全漏洞 — Intel(R) CSME, Intel(R) TXE | 6.8 | - | 2020-11-12 |
| CVE-2020-8753 | Intel AMT和Intel ISM 缓冲区错误漏洞 — Intel(R) AMT, Intel(R) ISM versions | 5.3 | - | 2020-11-12 |
| CVE-2020-8752 | Intel AMT 缓冲区错误漏洞 — Intel(R) AMT, Intel(R) ISM versions | 9.8 | - | 2020-11-12 |
| CVE-2020-12312 | Intel Quartus Prime Pro 缓冲区错误漏洞 — Intel(R) Stratix(R) 10 FPGA firmware provided with the Intel(R) Quartus(R) Prime Pro software | 6.8 | - | 2020-11-12 |
| CVE-2020-8737 | Intel Stratix FPGA firmware provided 和 Intel Quartus Prime Pro software 缓冲区错误漏洞 — Intel(R) Stratix(R) 10 FPGA firmware provided with the Intel(R) Quartus(R) Prime Pro software | 6.8 | - | 2020-11-12 |
| CVE-2020-0584 | Intel SSD DC和Intel Optane SSD 缓冲区错误漏洞 — Intel(R) SSD DC P4800X and P4801X Series, Intel(R) Optane(TM) SSD 900P and 905P Series | 6.2 | - | 2020-11-12 |
| CVE-2020-12311 | Intel 多款产品安全漏洞 — Intel(R) Client SSDs and some Intel(R) Data Center SSDs | 4.6 | - | 2020-11-12 |
| CVE-2020-12310 | Intel 多款产品安全漏洞 — Intel(R) Client SSDs and some Intel(R) Data Center SSDs | 4.6 | - | 2020-11-12 |
| CVE-2020-12309 | Intel Client SSDs 和 Intel Data Center SSDs 安全漏洞 — Intel(R) Client SSDs and some Intel(R) Data Center SSDs | 4.6 | - | 2020-11-12 |
| CVE-2020-7472 | SugarCRM 安全漏洞 — n/a | 9.8 | - | 2020-11-12 |
| CVE-2020-27481 | GoodLayers LMS for Wordpress SQL注入漏洞 — n/a | 9.8 | - | 2020-11-12 |
| CVE-2020-26070 | Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Slow Path Forwarding Denial of Service Vulnerability — Cisco IOS XR SoftwareCWE-404 | 8.6 | High | 2020-11-12 |
| CVE-2020-27146 | TIBCO iProcess Workspace Browser CSRF — TIBCO iProcess Workspace (Browser) | 5.0 | Medium | 2020-11-10 |
| CVE-2020-26810 | SAP Commerce Cloud 安全漏洞 — SAP Commerce Cloud (Accelerator Payment Mock) | 7.5 | - | 2020-11-10 |
| CVE-2020-26823 | sap solution manager (java stack) 安全漏洞 — SAP Solution Manager (JAVA stack) | 10.0 | - | 2020-11-10 |
| CVE-2020-26821 | sap solution manager (java stack) 安全漏洞 — SAP Solution Manager (JAVA stack) | 10.0 | - | 2020-11-10 |
| CVE-2020-26824 | sap solution manager (java stack) 安全漏洞 — SAP Solution Manager (JAVA stack) | 10.0 | - | 2020-11-10 |
| CVE-2020-26822 | sap solution manager (java stack) 安全漏洞 — SAP Solution Manager (JAVA stack) | 10.0 | - | 2020-11-10 |
| CVE-2020-26820 | SAP NetWeaver AS JAVA 代码问题漏洞 — SAP NetWeaver AS JAVA | 7.2 | - | 2020-11-10 |
| CVE-2020-26811 | SAP Commerce Cloud 代码问题漏洞 — SAP Commerce Cloud (Accelerator Payment Mock) | 5.3 | - | 2020-11-10 |
| CVE-2020-24384 | A10 Networks ACOS和A10 Networks aGalaxy 安全漏洞 — n/a | 9.8 | - | 2020-11-10 |
| CVE-2020-13927 | Apache Airflow 安全漏洞 — Apache Airflow | 9.8 | - | 2020-11-10 |
Vulnerabilities classified as access:pre-auth represent 19252 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.