access:pre-auth 标签下的 CVE 漏洞 19065

access:pre-auth 类型相关 19065 条 CVE 漏洞，含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞，涵盖18971个CVE。此类漏洞之所以关键，是因为攻击者无需凭证即可直接利用，极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击，常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块，对系统安全性构成直接且严重的威胁。

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2022-2543	Visual Portfolio < 2.18.0 - Unauthenticated CSS Injection — Visual Portfolio, Photo Gallery & Post GridCWE-862	6.1	-	2022-09-05
CVE-2022-2376	Directorist < 7.3.1 - Unauthenticated Email Address Disclosure — Directorist – WordPress Business Directory Plugin with Classified Ads ListingsCWE-862	5.3	-	2022-09-05
CVE-2022-36640	InfluxData InfluxDB 安全漏洞 — n/a	9.8	-	2022-09-02
CVE-2022-36638	Garage Management System 安全漏洞 — n/a	5.3	-	2022-09-02
CVE-2022-29158	Regular Expression Denial of Service (ReDoS) vulnerability in Apache OFBiz — Apache OFBizCWE-1333	7.5	-	2022-09-02
CVE-2022-25370	Unauth Stored XSS vulnerability in the Birt plugin of Apache OFBiz — Apache OFBizCWE-79	5.4	-	2022-09-02
CVE-2022-36604	Canaan Avalon ASIC Miner 访问控制错误漏洞 — n/a	7.5	-	2022-09-01
CVE-2022-36601	JASMINER X4 Server 安全漏洞 — n/a	9.8	-	2022-09-01
CVE-2022-34372	Dell PowerProtect Cyber Recovery 授权问题漏洞 — Cyber RecoveryCWE-288	9.8	Critical	2022-09-01
CVE-2022-36619	D-Link DIR-816 访问控制错误漏洞 — n/a	7.5	-	2022-08-31
CVE-2022-37128	D-Link DIR-816 安全漏洞 — n/a	9.1	-	2022-08-31
CVE-2022-21941	iSTAR Ultra — iSTAR UltraCWE-77	10.0	Critical	2022-08-31
CVE-2022-37122	Carel pCOWeb HVAC BACnet Gateway 路径遍历漏洞 — n/a	7.5	-	2022-08-31
CVE-2022-30317	Honeywell Experion LX 访问控制错误漏洞 — n/a	9.1	-	2022-08-31
CVE-2022-27563	Overload/denial of service affects HCL VersionVault Express — HCL VersionVault ExpressCWE-754	7.5	High	2022-08-30
CVE-2022-31232	Dell SmartFabric Storage Software 操作系统命令注入漏洞 — Smart Fabric Storage SoftwareCWE-78	8.6	High	2022-08-30
CVE-2022-26529	Realtek Linux/Android Bluetooth Mesh SDK - Buffer Overflow — Linux/Android Bluetooth Mesh SDKCWE-120	6.5	Medium	2022-08-30
CVE-2022-38116	Le-yan Co., Ltd. Personnel and Salary Management System - Hard-coded password — Personnel and Salary Management SystemCWE-798	9.8	Critical	2022-08-30
CVE-2022-26528	Realtek Linux/Android Bluetooth Mesh SDK - Buffer Overflow — Linux/Android Bluetooth Mesh SDKCWE-120	6.5	Medium	2022-08-30
CVE-2022-26527	Realtek Linux/Android Bluetooth Mesh SDK - Buffer Overflow — Linux/Android Bluetooth Mesh SDKCWE-120	6.5	Medium	2022-08-30
CVE-2022-25635	Realtek Linux/Android Bluetooth Mesh SDK - Buffer Overflow — Linux/Android Bluetooth Mesh SDKCWE-120	6.5	Medium	2022-08-30
CVE-2022-2373	Simply Schedule Appointments < 1.5.7.7 - Unauthenticated Email Address Disclosure — Simply Schedule Appointments – WordPress Booking PluginCWE-862	5.3	-	2022-08-29
CVE-2022-2034	Sensei LMS < 4.5.0 - Unauthenticated Private Messages Disclosure via Rest API — Sensei LMS	5.3	-	2022-08-29
CVE-2022-22897	PrestaShop Ap Pagebuilder SQL注入漏洞 — n/a	7.5	-	2022-08-29
CVE-2022-36521	cskefu 访问控制错误漏洞 — n/a	7.5	-	2022-08-26
CVE-2022-35192	D-Link AC1200 安全漏洞 — n/a	7.5	-	2022-08-25
CVE-2022-37318	Archer Platform 跨站脚本漏洞 — n/a	7.0	High	2022-08-25
CVE-2022-31499	Nortek Control Linear eMerge E3-Series 操作系统命令注入漏洞 — n/a	9.8	-	2022-08-25
CVE-2021-43329	Mumara Classic SQL注入漏洞 — n/a	9.8	-	2022-08-25
CVE-2022-20824	Cisco FXOS and NX-OS Software Cisco Discovery Protocol Denial of Service and Arbitrary Code Execution Vulnerability — Cisco NX-OS SoftwareCWE-121	8.8	High	2022-08-25

access:pre-auth 是常见的弱点类别，本平台收录该类弱点关联的 19065 条 CVE 漏洞。

目標達成 すべての支援者に感謝 — 100%達成しました！

access:pre-auth 标签下的 CVE 漏洞 19065

目標達成すべての支援者に感謝 — 100%達成しました！