目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

access:pre-auth 标签下的 CVE 漏洞 19043

access:pre-auth 类型相关 19043 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE ID标题CVSS风险等级Published
CVE-2022-41776 Delta Electronics InfraSuite Device Master 访问控制错误漏洞 — InfraSuite Device MasterCWE-306 7.5 High2022-10-31
CVE-2022-41688 Delta Electronics InfraSuite Device Master 访问控制错误漏洞 — InfraSuite Device MasterCWE-306 9.8 Critical2022-10-31
CVE-2022-40202 Delta Electronics InfraSuite Device Master 访问控制错误漏洞 — InfraSuite Device MasterCWE-306 9.8 Critical2022-10-31
CVE-2022-40742 Softnext Technologies Mail SQR Expert 路径遍历漏洞 — Mail SQR Expert 6.5 Medium2022-10-31
CVE-2022-40741 Softnext Technologies Mail SQR Expert 操作系统命令注入漏洞 — Mail SQR ExpertCWE-78 9.8 Critical2022-10-31
CVE-2022-39025 e-Excellence U-Office Force 跨站脚本漏洞 — U-Office ForceCWE-79 6.1 Medium2022-10-31
CVE-2022-39024 e-Excellence U-Office Force 跨站脚本漏洞 — U-Office ForceCWE-79 6.1 Medium2022-10-31
CVE-2022-39021 e-Excellence U-Office Force 输入验证错误漏洞 — U-Office ForceCWE-601 6.1 Medium2022-10-31
CVE-2021-40661 METTLER TOLEDO IND780 路径遍历漏洞 — n/a 7.5 -2022-10-31
CVE-2022-3254 WordPress plugin WordPress Classifieds Plugin SQL注入漏洞 — WordPress Classifieds Plugin – Ad Directory & Listings by AWP ClassifiedsCWE-89 9.8 -2022-10-31
CVE-2022-3360 WordPress plugin LearnPress 代码问题漏洞 — LearnPress – WordPress LMS PluginCWE-502 8.1 -2022-10-31
CVE-2022-3402 WordPress plugin Log HTTP Requests 跨站脚本漏洞 — Log HTTP RequestsCWE-79 6.1 Medium2022-10-28
CVE-2022-2864 WordPress plugin demon image annotation 跨站请求伪造漏洞 — demon image annotation 8.8 High2022-10-28
CVE-2022-37913 Aruba Networks EdgeConnect Enterprise Orchestrator 授权问题漏洞 — Aruba EdgeConnect Enterprise Orchestrator (on-premises), Aruba EdgeConnect Enterprise Orchestrator-as-a-Service, Aruba EdgeConnect Enterprise Orchestrator-SP and Aruba EdgeConnect Enterprise Orchestrator Global Enterprise Tenant Orchestrators 9.8 -2022-10-28
CVE-2022-37914 Aruba Networks EdgeConnect Enterprise Orchestrator 授权问题漏洞 — Aruba EdgeConnect Enterprise Orchestrator (on-premises), Aruba EdgeConnect Enterprise Orchestrator-as-a-Service, Aruba EdgeConnect Enterprise Orchestrator-SP and Aruba EdgeConnect Enterprise Orchestrator Global Enterprise Tenant Orchestrators 9.8 -2022-10-28
CVE-2022-37915 Aruba Networks EdgeConnect Enterprise Orchestrator 安全漏洞 — Aruba EdgeConnect Enterprise Orchestrator (on-premises) 9.8 -2022-10-28
CVE-2022-38744 Rockwell Automation FactoryTalk Alarm and Events Server 授权问题漏洞 — FactoryTalk Alarm and Events ServerCWE-287 7.5 High2022-10-27
CVE-2021-45476 YORDAM University Library Automation System 跨站脚本漏洞 — Yordam Library Information Document Automation ProgramCWE-79 4.7 Medium2022-10-27
CVE-2021-45475 YORDAM University Library Automation System 信息泄露漏洞 — Yordam Library Information Document Automation ProgramCWE-200 5.3 Medium2022-10-27
CVE-2022-43364 IP-COM EW9 安全漏洞 — n/a 7.5 -2022-10-27
CVE-2022-43366 IP-COM EW9 信息泄露漏洞 — n/a 7.5 -2022-10-27
CVE-2022-40703 AliveCor KardiaMobile 授权问题漏洞 — Kardia AppCWE-302 5.2 Medium2022-10-26
CVE-2022-20933 Cisco Meraki MX Series Security Appliances 安全漏洞 — Cisco Meraki MX FirmwareCWE-234 8.6 High2022-10-26
CVE-2022-38197 Esri ArcGIS Server 输入验证错误漏洞 — ArcGIS ServerCWE-601 6.1 Medium2022-10-25
CVE-2022-38198 Esri ArcGIS Server 跨站脚本漏洞 — ArcGIS ServerCWE-79 6.1 Medium2022-10-25
CVE-2022-38199 Esri ArcGIS Server 安全漏洞 — ArcGIS ServerCWE-494 6.1 Medium2022-10-25
CVE-2022-36452 Mitel MiCollab 代码问题漏洞 — n/a 9.8 -2022-10-25
CVE-2022-41711 Badaso 代码问题漏洞 — Badaso 9.8 -2022-10-25
CVE-2022-34439 Dell PowerScale OneFS 安全漏洞 — PowerScale OneFSCWE-770 5.3 Medium2022-10-21
CVE-2022-26870 Dell EMC PowerStore 授权问题漏洞 — PowerStoreCWE-288 7.0 High2022-10-21

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 19043 条 CVE 漏洞。