Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18839

18839 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2025-14733 WatchGuard Firebox iked Out of Bounds Write Vulnerability — Fireware OSCWE-787 9.8 -2025-12-19
CVE-2025-66909 turms 安全漏洞 — n/a 7.5AIHighAI2025-12-19
CVE-2025-68387 Kibana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') — KibanaCWE-79 6.1 Medium2025-12-18
CVE-2025-13427 Authentication Bypass in Dialogflow CX Messenger — Dialogflow CX MessengerCWE-287 9.1AICriticalAI2025-12-18
CVE-2025-68382 Packetbeat Out-of-bounds Read — PacketbeatCWE-125 6.5 Medium2025-12-18
CVE-2025-68381 Packetbeat Improper Bounds Check — PacketbeatCWE-787 6.5 Medium2025-12-18
CVE-2025-68388 Elastic Packetbeat 安全漏洞 — PacketbeatCWE-770 5.3 Medium2025-12-18
CVE-2023-53941 EasyPHP Webserver 14.1 Remote Code Execution — EasyPHP WebserverCWE-78 9.8 Critical2025-12-18
CVE-2025-14739 Uninitialized Pointer Vulnerability in TP-Link WR940N and WR941ND — WR940N and WR941NDCWE-824 8.4AIHighAI2025-12-18
CVE-2025-14738 Configuration Disclosure Vulnerability in TP-Link WA850RE — WA850RECWE-287 7.5AIHighAI2025-12-18
CVE-2025-14823 Certificate Signing Extension Returns Encrypted Values — ScreenConnectCWE-201 5.3 Medium2025-12-18
CVE-2025-65007 Missing Authentication for Critical Function in WODESYS WD-R608U router — WD-R608UCWE-306 9.8AICriticalAI2025-12-18
CVE-2025-40893 HTML injection in Asset List in Guardian/CMC before 25.5.0 — GuardianCWE-79 6.1 Medium2025-12-18
CVE-2025-40891 HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0 — GuardianCWE-79 4.7 Medium2025-12-18
CVE-2025-14437 Hummingbird <= 3.18.0 - Unauthenticated Sensitive Information Exposure via Log File — Hummingbird Performance – Cache & Page Speed Optimization for Core Web Vitals | Critical CSS | Minify CSS | Defer CSS Javascript | CDNCWE-532 7.5 High2025-12-18
CVE-2025-64373 WordPress Traveler theme < 3.2.6 - Local File Inclusion vulnerability — TravelerCWE-98 8.1 High2025-12-18
CVE-2025-47372 Buffer Copy Without Checking Size of Input in Boot — SnapdragonCWE-120 9.0 Critical2025-12-18
CVE-2025-63387 dify 安全漏洞 — n/a 7.5AIHighAI2025-12-18
CVE-2025-63388 dify 安全漏洞 — n/a 7.4AIHighAI2025-12-18
CVE-2025-63390 AnythingLLM 安全漏洞 — n/a 5.3AIMediumAI2025-12-18
CVE-2025-63391 Open WebUI 安全漏洞 — n/a 5.3AIMediumAI2025-12-18
CVE-2025-63950 twittodon 安全漏洞 — n/a 7.5AIHighAI2025-12-18
CVE-2025-63951 RPi-Jukebox-RFID 安全漏洞 — n/a 9.8AICriticalAI2025-12-18
CVE-2025-65562 free5GC 安全漏洞 — n/a 7.5AIHighAI2025-12-18
CVE-2023-53930 ProjectSend r1605 Insecure Direct Object Reference File Download Vulnerability — projectSendCWE-639 7.5 High2025-12-17
CVE-2023-53922 TinyWebGallery v2.5 Remote Code Execution via Unrestricted File Upload — TinyWebGalleryCWE-434 9.8 Critical2025-12-17
CVE-2023-53923 UliCMS 2023.1 Privilege Escalation via Unauthenticated Admin Account Creation — UlicmsCWE-862 9.8 Critical2025-12-17
CVE-2023-53914 UliCMS 2023.1 Authentication Bypass via Mass Assignment Vulnerability — UlicmsCWE-639 9.8 Critical2025-12-17
CVE-2025-68434 opensourcepos has Cross-Site Request Forgery vulnerability that leads to Unauthorized Administrator Creation — opensourceposCWE-352 8.8 High2025-12-17
CVE-2025-43428 Apple多款产品 安全漏洞 — iOS and iPadOS 5.3AIMediumAI2025-12-17

Vulnerabilities classified as access:pre-auth represent 18839 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.