Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19252

19252 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2016-1421 Cisco IP 8800 缓冲区错误漏洞 — Cisco IP PhonesCWE-119 9.1 -2016-06-10
CVE-2015-1772 Apache Hive HiveServer2接口授权问题漏洞 — n/a 9.1 -2015-12-21
CVE-2015-8214 Siemens多款产品 权限许可和访问控制问题漏洞 — n/a 9.1 -2015-11-27
CVE-2014-3612 Apache ActiveMQ 授权问题漏洞 — n/a 8.1 -2015-08-24
CVE-2010-5308 GE Healthcare Optima MR360 信任管理漏洞 — n/a 6.8 -2015-08-04
CVE-2014-1901 多款Y-Cam产品拒绝服务漏洞 — n/a 9.8 -2015-05-14
CVE-2015-3143 Haxx cURL和libcurl 安全漏洞 — n/a 8.2 -2015-04-24
CVE-2015-0225 Apache Cassandra 操作系统命令注入漏洞 — n/a 9.8 -2015-04-03
CVE-2014-9043 OwnCloud user_ldap应用程序权限许可和访问控制漏洞 — n/a 9.8 -2015-02-04
CVE-2014-7807 Apache CloudStack 授权问题漏洞 — n/a 9.8 -2014-12-10
CVE-2014-0488 APT 输入验证错误漏洞 — n/a 8.8 -2014-11-03
CVE-2014-6387 MantisBT 身份验证绕过漏洞 — n/a 9.8 -2014-10-22
CVE-2014-8088 Zend Framework 身份验证绕过漏洞 — n/a 9.8 -2014-10-22
CVE-2014-8763 DokuWiki 身份验证绕过漏洞 — n/a 8.1 -2014-10-22
CVE-2014-0074 Apache Shiro‘login.jsp’ 授权问题漏洞 — n/a 8.1 -2014-10-06
CVE-2014-4668 Cherokee 授权问题漏洞 — n/a 8.1 -2014-07-02
CVE-2013-3514 OpenX 目录遍历漏洞 — n/a 7.5 -2014-05-14
CVE-2014-0778 Progea Movicon SCADA Exposure of Sensitive Information to an Unauthorized Actor — MoviconCWE-200 5.3 -2014-04-19
CVE-2014-2744 Prosody和Lightwitch Metronome 输入验证漏洞 — n/a 5.9 -2014-04-11
CVE-2013-2945 b2evolution SQL注入漏洞 — n/a 8.8 -2014-04-02
CVE-2014-2034 Sonatype Nexus 安全漏洞 — n/a 9.8 -2014-04-01
CVE-2013-2559 Symphony CMS ‘sort’参数SQL注入漏洞 — n/a 8.8 -2014-03-27
CVE-2013-1408 WordPress Wysija Newsletters插件多个SQL注入漏洞 — n/a 9.8 -2014-03-24
CVE-2013-3727 Kasseler CMS ‘groups’参数SQL注入漏洞 — n/a 8.8 -2014-03-13
CVE-2012-6290 ImageCMS ‘q’参数SQL注入漏洞 — n/a 8.8 -2014-03-11
CVE-2014-1888 WordPress BuddyPress 跨站脚本漏洞 — n/a 5.4 -2014-02-28
CVE-2014-0626 EMC RSA BSAFE JSAFE和JSSE API 加密问题漏洞 — n/a 5.9 -2014-02-18
CVE-2013-3365 Trendnet TEW-812DRU 操作系统命令注入漏洞 — n/a 8.8 -2014-02-04
CVE-2014-1204 Tableau Server SQL注入漏洞 — n/a 7.5 -2014-01-31
CVE-2013-7106 Icinga Web Interface 缓冲区溢出漏洞 — n/a 8.8 -2014-01-14

Vulnerabilities classified as access:pre-auth represent 19252 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.