Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19065

19065 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2022-20823 Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability — Cisco NX-OS SoftwareCWE-126 8.6 High2022-08-25
CVE-2022-36633 Teleport 操作系统命令注入漏洞 — n/a 8.8 -2022-08-24
CVE-2022-35242 WordPress THE Leads Management System: 59sec LITE plugin <= 3.4.1 - Unauthenticated plugin settings change vulnerability — THE Leads Management System: 59sec LITE (WordPress plugin)CWE-264 6.5 Medium2022-08-23
CVE-2022-29476 WordPress Notification Bar for WordPress plugin <= 1.1.8 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability — Notification Bar for WordPressCWE-79 6.1 Medium2022-08-23
CVE-2022-35203 TRENDnet TV-IP572PI 授权问题漏洞 — n/a 9.1 -2022-08-23
CVE-2021-42627 D-Link DIR-615 安全漏洞 — n/a 8.3 -2022-08-23
CVE-2022-1989 CODESYS Visualization vulnerable to user enumeration — CODESYS VisualizationCWE-204 5.3 Medium2022-08-23
CVE-2022-35733 UNIMO Technology Digital Video Recorder 访问控制错误漏洞 — UNIMO Technology digital video recorders UDR-JA1004/JA1008/JA1016 and UDR-JA1016 9.8 -2022-08-23
CVE-2022-35191 D-Link AC1200 安全漏洞 — n/a 7.5 -2022-08-22
CVE-2022-33932 Dell PowerScale OneFS 安全漏洞 — PowerScale OneFSCWE-419 5.3 Medium2022-08-22
CVE-2022-2594 Advanced Custom Fields 5.0-5.12.2 - Unauthenticated File Upload — Advanced Custom FieldsCWE-434 7.5 -2022-08-22
CVE-2022-2551 Duplicator < 1.4.7 - Unauthenticated Backup Download — Duplicator – WordPress Migration PluginCWE-425 7.5 -2022-08-22
CVE-2022-2544 Ninja Job Board < 1.3.3 - Resume Disclosure via Directory Listing — Ninja Job Board – Ultimate WordPress Job Board PluginCWE-425 7.5 -2022-08-22
CVE-2022-2375 WP Sticky Button < 1.4.1 - Unauthenticated Arbitrary Settings Update to Stored XSS — WP Sticky Button – Click to ChatCWE-79 6.1 -2022-08-22
CVE-2022-2276 WP Edit Menu < 1.5.0 - Unauthenticated Arbitrary Post Deletion — WP Edit MenuCWE-862 4.3 -2022-08-22
CVE-2021-24910 Transposh WordPress Translation < 1.0.8 - Reflected Cross-Site Scripting — Transposh WordPress TranslationCWE-79 6.1 -2022-08-22
CVE-2022-35654 Pegasystem PEGA Platform 跨站脚本漏洞 — Pega InfinityCWE-79 6.1 -2022-08-22
CVE-2022-37133 D-Link DIR-816 安全漏洞 — n/a 7.5 -2022-08-22
CVE-2022-30296 Intel Datacenter Group Event 安全漏洞 — version 7.5 -2022-08-18
CVE-2022-25899 Intel Open AMT Cloud Toolkit 安全漏洞 — Intel(R) 9.8 -2022-08-18
CVE-2022-23182 Intel Data Center Manager 安全漏洞 — Intel(R) Data Center Manager software 8.8 -2022-08-18
CVE-2022-22730 Intel Edge Insights for Industrial 授权问题漏洞 — Intel(R) Edge Insights for Industrial software 9.8 -2022-08-18
CVE-2022-21212 Intel PROSet/Wireless WiFi Software 输入验证错误漏洞 — Intel(R) PROSet/Wireless WiFi products 6.5 -2022-08-18
CVE-2022-21160 Intel PROSet/Wireless WiFi Software 缓冲区错误漏洞 — Intel(R) PROSet/Wireless WiFi products 7.5 -2022-08-18
CVE-2022-21197 Intel PROSet/Wireless WiFi Software 输入验证错误漏洞 — Intel(R) PROSet/Wireless WiFi products 7.5 -2022-08-18
CVE-2022-21139 Intel PROSet/Wireless WiFi Software 加密问题漏洞 — Intel(R) PROSet/Wireless WiFi products 8.8 -2022-08-18
CVE-2022-37422 Payara 路径遍历漏洞 — n/a 7.5 -2022-08-18
CVE-2022-37062 Teledyne FLIR AX8 访问控制错误漏洞 — n/a 7.5 -2022-08-18
CVE-2021-23168 Intel PROSet/Wireless WiFi Software 缓冲区错误漏洞 — Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products 6.5 -2022-08-18
CVE-2021-44545 Intel PROSet/Wireless WiFi Software 输入验证错误漏洞 — Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products 6.5 -2022-08-18

Vulnerabilities classified as access:pre-auth represent 19065 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.