Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19253

19253 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2013-7106 Icinga Web Interface 缓冲区溢出漏洞 — n/a 8.8 -2014-01-14
CVE-2013-6918 Satechi Travel Router Web接口安全漏洞 — n/a 5.9 -2013-11-30
CVE-2013-3469 Cisco Mobility Services Engine 安全绕过漏洞 — n/a 5.9 -2013-09-04
CVE-2012-5952 IBM WebSphere Message Broker 授权问题漏洞 — n/a 5.3 -2013-02-20
CVE-2012-2243 Mahara 跨站脚本漏洞 — n/a 6.1 -2012-11-24
CVE-2012-2244 Mahara 权限许可和访问控制漏洞 — n/a 7.2 -2012-11-24
CVE-2012-2377 JBoss Enterprise BRMS Platform JGroups Diagnostics Service 信息泄露漏洞 — n/a 4.3 -2012-11-23
CVE-2011-4945 PolicyKit 权限许可和访问控制问题漏洞 — n/a 7.8 -2012-10-01
CVE-2012-4752 ownCloud ‘appconfig.php’权限许可和访问控制漏洞 — n/a 6.5 -2012-09-05
CVE-2012-2670 Collabtive ‘manageuser.php’ 任意代码执行漏洞 — n/a 8.8 -2012-06-17
CVE-2011-4140 Django CSRF机制跨站请求伪造漏洞 — n/a 8.1 -2011-10-19
CVE-2011-1507 Digium Asterisk安全绕过和拒绝服务漏洞 — n/a 7.5 -2011-04-27
CVE-2010-4506 Oracle Passlogix v-GO Self-Service Password Reset和OEM加密问题漏洞 — n/a 6.8 -2011-02-07
CVE-2010-3482 Bouzouste Primitive CMS 'cms_write.php'多个SQL注入漏洞 — n/a 7.2 -2010-09-22
CVE-2010-2448 ZNC 'znc.cpp'空指针引用拒绝服务漏洞 — n/a 6.5 -2010-07-12
CVE-2009-3555 Apache HTTP Server 信任管理问题漏洞 — n/a 5.9 -2009-11-09
CVE-2009-1536 Microsoft .NET Framework请求调度远程拒绝服务漏洞 — n/a 7.5 -2009-08-12
CVE-2008-6760 ViArt Shop 'cart_save.php'信息泄露漏洞 — n/a 5.3 -2009-04-28
CVE-2008-6524 openInvoice 'resetpass.php'身份认证授权绕过漏洞 — n/a 6.5 -2009-03-25
CVE-2009-0964 Xlinesoft PHPRunner 脚本UserView_list.php SQL注入漏洞 — n/a 9.8 -2009-03-19
CVE-2009-0275 ryneezy phosheezy 代码注入漏洞 — n/a 9.8 -2009-01-26
CVE-2009-0251 ryneezy phosheezy 'admin.php'代码注入漏洞 — n/a 9.8 -2009-01-22
CVE-2008-5673 phparanoid 权限许可和访问控制漏洞 — n/a 9.8 -2008-12-18
CVE-2008-5408 Symantec Backup Exec for Windows Servers 数据管理协议缓冲区溢出漏洞 — n/a 8.8 -2008-12-09
CVE-2008-4875 Philips VOIP841 DECT Phone web GET请求目录遍历漏洞 — n/a 8.1 -2008-10-31
CVE-2008-3909 Django Login Form 跨站脚本攻击漏洞 — n/a 8.1 -2008-09-04
CVE-2008-3283 RedHat 目录服务器内存泄露 拒绝服务漏洞 — n/a 7.5 -2008-08-29
CVE-2008-1381 ZoneMinder ZoneMinder多个未明远程代码执行漏洞 — n/a 8.8 -2008-05-01
CVE-2008-1923 asterisk 拒绝服务漏洞 — n/a 5.9 -2008-04-23
CVE-2008-1897 Asterisk IAX2报文放大远程拒绝服务漏洞 — n/a 8.8 -2008-04-23

Vulnerabilities classified as access:pre-auth represent 19253 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.