access:pre-auth 类型相关 18997 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2023-3519 | Citrix ADC 和 Citrix Gateway 代码注入漏洞 — NetScaler ADCCWE-94 | 9.8 | Critical | 2023-07-19 |
| CVE-2023-22055 | Oracle JD Edwards 安全漏洞 — JD Edwards EnterpriseOne Tools | 6.1 | Medium | 2023-07-18 |
| CVE-2023-22051 | Oracle Java SE 安全漏洞 — GraalVM Enterprise Edition | 3.7 | Low | 2023-07-18 |
| CVE-2023-22049 | Oracle Java SE 安全漏洞 — Java SE JDK and JRE | 3.7 | Low | 2023-07-18 |
| CVE-2023-22047 | Oracle PeopleSoft Enterprise PeopleTools 安全漏洞 — PeopleSoft Enterprise PT PeopleTools | 7.5 | High | 2023-07-18 |
| CVE-2023-22045 | Oracle Java SE 安全漏洞 — Java SE JDK and JRE | 3.7 | Low | 2023-07-18 |
| CVE-2023-22044 | Oracle Java SE 安全漏洞 — Java SE JDK and JRE | 3.7 | Low | 2023-07-18 |
| CVE-2023-22043 | Oracle Java SE 安全漏洞 — Java SE JDK and JRE | 5.9 | Medium | 2023-07-18 |
| CVE-2023-22042 | Oracle E-Business Suite 安全漏洞 — Applications Framework | 6.1 | Medium | 2023-07-18 |
| CVE-2023-22041 | Oracle Java SE 安全漏洞 — Java SE JDK and JRE | 5.1 | Medium | 2023-07-18 |
| CVE-2023-22036 | Oracle Java SE 安全漏洞 — Java SE JDK and JRE | 3.7 | Low | 2023-07-18 |
| CVE-2023-22035 | Oracle E-Business Suite 跨站脚本漏洞 — Scripting | 6.1 | Medium | 2023-07-18 |
| CVE-2023-22018 | Oracle Virtualization 安全漏洞 — VM VirtualBox | 8.1 | High | 2023-07-18 |
| CVE-2023-22014 | Oracle PeopleSoft Enterprise PeopleTools 安全漏洞 — PeopleSoft Enterprise PT PeopleTools | 8.4 | High | 2023-07-18 |
| CVE-2023-22006 | Oracle Java SE 安全漏洞 — Java SE JDK and JRE | 3.1 | Low | 2023-07-18 |
| CVE-2023-21994 | Oracle Fusion Middleware 安全漏洞 — Mobile Security Suite | 6.5 | Medium | 2023-07-18 |
| CVE-2023-22004 | Oracle E-Business Suite 安全漏洞 — E-Business Suite Technology Stack | 4.3 | Medium | 2023-07-18 |
| CVE-2023-21983 | Oracle Application Express 安全漏洞 — Application Express (APEX) | 5.6 | Medium | 2023-07-18 |
| CVE-2023-21949 | Oracle Database Server 安全漏洞 — Advanced Networking Option | 3.7 | Low | 2023-07-18 |
| CVE-2023-35763 | Iagona ScrutisWeb 信任管理问题漏洞 — ScrutisWeb | 5.5 | Medium | 2023-07-18 |
| CVE-2023-33871 | Iagona ScrutisWeb 安全漏洞 — ScrutisWeb | 7.5 | High | 2023-07-18 |
| CVE-2023-38257 | Iagona ScrutisWeb 安全漏洞 — ScrutisWeb | 7.5 | High | 2023-07-18 |
| CVE-2023-35189 | Iagona ScrutisWeb 代码问题漏洞 — ScrutisWebCWE-434 | 10.0 | Critical | 2023-07-18 |
| CVE-2023-3709 | WordPress plugin Royal Elementor Addons 信息泄露漏洞 — Royal Addons for Elementor – Addons and Templates Kit for ElementorCWE-200 | 5.3 | Medium | 2023-07-18 |
| CVE-2023-3708 | WordPress themes DeoThemes 跨站脚本漏洞 — AmelaCWE-79 | 6.1 | Medium | 2023-07-18 |
| CVE-2023-37265 | CasaOS 访问控制错误漏洞 — CasaOS-GatewayCWE-306 | 9.8 | Critical | 2023-07-17 |
| CVE-2023-37266 | CasaOS 授权问题漏洞 — CasaOSCWE-287 | 9.8 | Critical | 2023-07-17 |
| CVE-2023-34141 | Zyxel ATP 操作系统命令注入漏洞 — ATP series firmwareCWE-78 | 8.0 | High | 2023-07-17 |
| CVE-2023-34140 | Zyxel ATP 安全漏洞 — ATP series firmwareCWE-120 | 6.5 | Medium | 2023-07-17 |
| CVE-2023-34139 | Zyxel USG FLEX 操作系统命令注入漏洞 — USG FLEX series firmwareCWE-78 | 8.8 | High | 2023-07-17 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 18997 条 CVE 漏洞。