Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18885

18885 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2024-42427 Dell ThinOS 安全漏洞 — Wyse Proprietary OS (Modern ThinOS)CWE-77 7.6 High2024-09-10
CVE-2024-45504 Trend Micro InterScan WebManager 安全漏洞 — InterSafe WebFilter 8.8AIHighAI2024-09-10
CVE-2024-45279 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server for ABAP (CRM Blueprint Application Builder Panel) — SAP NetWeaver Application Server for ABAP (CRM Blueprint Application Builder Panel)CWE-79 6.1 Medium2024-09-10
CVE-2024-44120 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal — SAP NetWeaver Enterprise PortalCWE-79 4.7 Medium2024-09-10
CVE-2024-8478 Affiliate Super Assistent <= 1.5.3 - Unauthenticated Arbitrary Shortcode Execution — Affiliate Super AssistentCWE-94 7.3 High2024-09-10
CVE-2024-6342 Zyxel NAS542和NAS326 操作系统命令注入漏洞 — NAS326 firmwareCWE-78 9.8 Critical2024-09-10
CVE-2024-44667 Haichangxing HCX H822 安全漏洞 — n/a 9.8AICriticalAI2024-09-10
CVE-2024-6796 Vulnerability in Baxter Connex Health Portal — Connex Health PortalCWE-284 8.2 High2024-09-09
CVE-2024-6795 Vulnerability in Baxter Connex Health Portal — Connex Health PortalCWE-89 10.0 Critical2024-09-09
CVE-2024-8584 LEARNING DIGITAL Orca HCM - Missing Authentication — Orca HCMCWE-306 9.8 Critical2024-09-09
CVE-2024-6928 Opti Marketing <= 2.0.9 - Unauthenticated SQLi — Opti Marketing 9.8AICriticalAI2024-09-08
CVE-2024-6924 TrueBooker < 1.0.3 - Multiple Unauthenticated SQLi — TrueBooker 9.8AICriticalAI2024-09-08
CVE-2024-40711 Veeam Backup & Replication 安全漏洞 — Backup and Recovery 9.8AICriticalAI2024-09-07
CVE-2024-6010 Cost Calculator Builder PRO <= 3.2.1 - Unauthenticated Price Manipulation — Cost Calculator Builder PROCWE-472 5.3 Medium2024-09-07
CVE-2024-1596 Ninja Forms File Uploads <= 3.3.16 - Unauthenticated Stored Cross-Site Scripting via File Upload — Ninja Forms - File UploadsCWE-79 7.2 High2024-09-07
CVE-2024-8517 SPIP Bigup Multipart File Upload OS Command Injection — SPIPCWE-73 9.8 Critical2024-09-06
CVE-2024-7493 WPCOM Member <= 1.5.2.1 - Unauthenticated Privilege Escalation via User Meta — WPCOM MemberCWE-269 9.8 Critical2024-09-06
CVE-2024-8292 WP-Recall – Registration, Profile, Commerce & More <= 16.26.8 - Insecure Direct Object Reference to Unauthenticated Arbitrary Password Update — WP-Recall – Registration, Profile, Commerce & MoreCWE-639 9.8 Critical2024-09-06
CVE-2024-7415 Remember Me Controls <= 2.0.1 - Unauthenticated Full Path Disclosure — Remember Me ControlsCWE-200 5.3 Medium2024-09-06
CVE-2024-7381 Geo Controller <= 8.6.9 - Missing Authorization to Unauthenticated Shortcode Execution — Geo ControllerCWE-862 5.3 Medium2024-09-05
CVE-2024-5957 Trellix IPS Manager 安全漏洞 — Intrusion Prevention System (IPS) ManagerCWE-305 6.3 Medium2024-09-05
CVE-2024-5956 Trellix IPS Manager 安全漏洞 — Intrusion Prevention System (IPS) ManagerCWE-305 6.5 Medium2024-09-05
CVE-2024-6332 Booking for Appointments and Events Calendar – Amelia Premium <= 7.7 and Lite <= 1.2.4 - Missing Authorization to Sensitive Information Exposure — Booking for Appointments and Events Calendar – AmeliaCWE-862 6.5 Medium2024-09-05
CVE-2024-6835 Ivory Search – WordPress Search Plugin <= 5.5.6 - Information Exposure via AJAX Search Form — Ivory Search – WordPress Search PluginCWE-200 5.3 Medium2024-09-05
CVE-2024-6846 SmartSearchWP <= 2.4.4 - Unauthenticated Log Purge — Chatbot with ChatGPT WordPress 5.3AIMediumAI2024-09-05
CVE-2024-7627 Bit File Manager 6.0 - 6.5.5 - Unauthenticated Remote Code Execution via Race Condition — Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPressCWE-94 8.1 High2024-09-05
CVE-2024-20505 ClamAV Memory Handling DoS — ClamAV 4.0 Medium2024-09-04
CVE-2024-20440 Cisco Smart Licensing Utility 安全漏洞 — Cisco Smart License UtilityCWE-532 7.5 High2024-09-04
CVE-2024-20439 Cisco Smart Licensing Utility 安全漏洞 — Cisco Smart License UtilityCWE-912 9.8 Critical2024-09-04
CVE-2024-45052 Fides Webserver Authentication Timing-Based Username Enumeration Vulnerability — fidesCWE-208 5.3 Medium2024-09-04

Vulnerabilities classified as access:pre-auth represent 18885 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.