Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19250

19250 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2020-3574 Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability — Cisco IP Phones with Multiplatform FirmwareCWE-371 7.5 High2020-11-06
CVE-2020-3551 Cisco Identity Services Engine Cross-Site Scripting Vulnerability — Cisco Identity Services Engine SoftwareCWE-79 6.1 Medium2020-11-06
CVE-2020-3444 Cisco SD-WAN Software Packet Filtering Bypass Vulnerability — Cisco SD-WAN SolutionCWE-20 7.5 -2020-11-06
CVE-2020-3284 Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability — Cisco IOS XR SoftwareCWE-284 9.8 -2020-11-06
CVE-2020-26214 LDAP authentication bypass in Alerta — alertaCWE-287 9.1 Critical2020-11-06
CVE-2020-25172 B. Braun OnlineSuite — OnlineSuiteCWE-23 9.8 -2020-11-06
CVE-2020-8580 netapp santricity os controller software 安全漏洞 — E-Series SANtricity OS Controller Software 7.5 -2020-11-06
CVE-2020-5649 Mitsubishi Electric gt14 model 资源管理错误漏洞 — GT14 Model of GOT 1000 series 7.5 -2020-11-06
CVE-2020-5648 Mitsubishi Electric gt14 model 参数注入漏洞 — GT14 Model of GOT 1000 series 9.1 -2020-11-06
CVE-2020-5647 Mitsubishi Electric gt14 model 安全漏洞 — GT14 Model of GOT 1000 series 9.8 -2020-11-06
CVE-2020-5646 Mitsubishi Electric gt14 model 代码问题漏洞 — GT14 Model of GOT 1000 series 7.5 -2020-11-06
CVE-2020-5644 Mitsubishi Electric GT14 Model 注入漏洞 — GT14 Model of GOT 1000 series 9.8 -2020-11-06
CVE-2020-5645 Mitsubishi Electric gt14 model 授权问题漏洞 — GT14 Model of GOT 1000 series 9.8 -2020-11-06
CVE-2020-15952 Immuta 跨站脚本漏洞 — n/a 8.9 -2020-11-05
CVE-2020-7128 Aruba Networks Aruba Airwave 命令注入漏洞 — Aruba Airwave Software 9.8 -2020-11-04
CVE-2020-9368 PrestaShop 路径遍历漏洞 — n/a 7.5 -2020-11-02
CVE-2020-14750 Oracle Fusion Middleware 安全漏洞 — WebLogic Server 9.8 Critical2020-11-01
CVE-2020-5657 多款Mitsubishi Electric产品参数注入漏洞 — MELSEC iQ-R series 6.5 -2020-10-30
CVE-2020-5658 多款Mitsubishi Electric产品资源管理错误漏洞 — MELSEC iQ-R series 7.5 -2020-10-30
CVE-2020-5655 多款Mitsubishi Electric产品代码问题漏洞 — MELSEC iQ-R series 7.5 -2020-10-30
CVE-2020-5656 多款Mitsubishi Electric产品安全漏洞 — MELSEC iQ-R series 9.1 -2020-10-30
CVE-2020-5653 多款Mitsubishi Electric产品安全漏洞 — MELSEC iQ-R series 9.1 -2020-10-30
CVE-2020-5654 多款Mitsubishi Electric产品授权问题漏洞 — MELSEC iQ-R series 7.5 -2020-10-30
CVE-2020-5652 多款Mitsubishi Electric产品资源管理错误漏洞 — MELSEC iQ-R, Q and L series 7.5 -2020-10-30
CVE-2020-27886 Github eonweb SQL注入漏洞 — n/a 9.8 -2020-10-29
CVE-2020-27739 Citadel WebCit 代码问题漏洞 — n/a 9.8 -2020-10-28
CVE-2020-27740 Citadel WebCit 安全漏洞 — n/a 5.3 -2020-10-28
CVE-2020-27978 Shibboleth 资源管理错误漏洞 — n/a 7.5 -2020-10-28
CVE-2020-26879 Ruckus Networks Ruckus vRioT 信任管理问题漏洞 — n/a 9.8 -2020-10-26
CVE-2020-26566 Motion-Project Motion 缓冲区错误漏洞 — n/a 7.5 -2020-10-26

Vulnerabilities classified as access:pre-auth represent 19250 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.