Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19252

19252 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2020-26574 Leostream Connection 跨站脚本漏洞 — n/a 6.1 -2020-10-06
CVE-2020-8782 ALEOS LAN-Side RPC Service Remote Code Execution — n/a 7.5 High2020-10-06
CVE-2020-24219 IPTV H.264/H.265 video 路径遍历漏洞 — n/a 9.8 -2020-10-06
CVE-2020-24217 IPTV H.264/H.265 video 访问控制错误漏洞 — n/a 9.8 -2020-10-06
CVE-2020-24216 IPTV/H.264/H.265 video 默认配置问题漏洞 — n/a 7.5 -2020-10-06
CVE-2020-24214 IPTV H.264 H.265 安全漏洞 — n/a 9.1 -2020-10-06
CVE-2020-23832 projectworlds car rental management system 跨站脚本漏洞 — n/a 6.1 -2020-10-06
CVE-2020-15235 Sensitive data exposure in RACTF — coreCWE-200 5.9 Medium2020-10-05
CVE-2020-26061 ClickStudios Passwordstate 授权问题漏洞 — n/a 9.1 -2020-10-05
CVE-2020-15589 ManageEngine Desktop Central 安全漏洞 — n/a 8.1 -2020-10-02
CVE-2020-24698 PowerDNS 资源管理错误漏洞 — n/a 9.8 -2020-10-02
CVE-2020-24697 PowerDNS 安全漏洞 — n/a 7.5 -2020-10-02
CVE-2020-24696 PowerDNS 竞争条件问题漏洞 — n/a 8.1 -2020-10-02
CVE-2020-12127 WAVLINK 信息泄露漏洞 — n/a 7.5 -2020-10-02
CVE-2020-12126 WAVLINK 授权问题漏洞 — n/a 9.8 -2020-10-02
CVE-2020-12125 WAVLINK 安全漏洞 — n/a 9.8 -2020-10-02
CVE-2020-12124 WAVLINK wavlink 操作系统命令注入漏洞 — n/a 9.8 -2020-10-02
CVE-2020-26518 Artica Pandora FMS SQL注入漏洞 — n/a 9.8 -2020-10-02
CVE-2020-9487 Apache NiFi 访问控制错误漏洞 — Apache NiFi 7.5 -2020-10-01
CVE-2020-5785 Teltonika firmware 跨站脚本漏洞 — Teltonika Gateway TRB245 6.1 -2020-10-01
CVE-2020-15533 Zoho ManageEngine Application Manager SQL注入漏洞 — n/a 9.8 -2020-10-01
CVE-2020-15487 Desk SQL注入漏洞 — n/a 9.8 -2020-09-30
CVE-2018-11765 Apache Hadoop 授权问题漏洞 — Apache Hadoop 7.5 -2020-09-30
CVE-2020-12505 WAGO: Vulnerability in web-based authentication in WAGO 750-8XX Version <= FW07 — 750-852CWE-306 8.2 High2020-09-30
CVE-2020-12506 WAGO: Authentication Bypass Vulnerability in WAGO 750-36X and WAGO 750-8XX Versions <= FW03 — 750-362CWE-306 9.1 Critical2020-09-30
CVE-2018-5353 ZOHO ManageEngine ADSelfService Plus 安全漏洞 — n/a 9.8 -2020-09-29
CVE-2018-5354 ANIXIS Password Reset Client 安全漏洞 — n/a 9.8 -2020-09-29
CVE-2020-25763 Seat Reservation System 代码问题漏洞 — n/a 9.8 -2020-09-29
CVE-2020-5930 F5 BIG-IP 安全漏洞 — BIG-IP, BIG-IQ 7.5 -2020-09-25
CVE-2020-15373 Brocade Fabric OS 缓冲区错误漏洞 — Brocade Fabric OS 9.8 -2020-09-25

Vulnerabilities classified as access:pre-auth represent 19252 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.