access:pre-auth 类型相关 19036 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2021-2026 | Oracle E-Business Suite 组件安全漏洞 — Marketing | 8.2 | High | 2021-01-20 |
| CVE-2021-2011 | Oracle MySQL 安全漏洞 — MySQL Server | 5.9 | Medium | 2021-01-20 |
| CVE-2021-2015 | Oracle E-Business Suite 授权问题漏洞 — Workflow | 8.2 | High | 2021-01-20 |
| CVE-2021-2005 | Oracle Fusion Middleware 组件安全漏洞 — Business Intelligence Enterprise Edition | 4.7 | Medium | 2021-01-20 |
| CVE-2021-2007 | Oracle MySQL 安全漏洞 — MySQL Server | 3.7 | Low | 2021-01-20 |
| CVE-2021-1994 | Oracle Fusion Middleware WebLogic Server 安全漏洞 — WebLogic Server | 9.8 | Critical | 2021-01-20 |
| CVE-2020-14756 | Oracle Fusion Middleware 授权问题漏洞 — Utilities Framework | 9.8 | Critical | 2021-01-20 |
| CVE-2020-13133 | Tufin Securechange 跨站脚本漏洞 — n/a | 5.2 | - | 2021-01-20 |
| CVE-2020-27269 | 多款Sooil产品授权问题漏洞 — SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-ACWE-294 | 8.1 | - | 2021-01-19 |
| CVE-2020-27264 | 多款Sooil产品安全特征问题漏洞 — SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-ACWE-330 | 8.8 | - | 2021-01-19 |
| CVE-2020-27258 | 多款Sooil产品信息泄露漏洞 — SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-ACWE-522 | 6.5 | - | 2021-01-19 |
| CVE-2020-27276 | 多款Sooil产品授权问题漏洞 — SOOIL Developments CoLtd DiabecareRS,AnyDana-i,AnyDana-ACWE-290 | 5.7 | - | 2021-01-19 |
| CVE-2020-27272 | 多款Sooil产品访问控制错误漏洞 — SOOIL Developments CoLtd DiabecareRS,AnyDana-i,AnyDana-A | 8.1 | - | 2021-01-19 |
| CVE-2020-27270 | 多款Sooil产品授权问题漏洞 — SOOIL Developments CoLtd DiabecareRS,AnyDana-i,AnyDana-A | 6.5 | - | 2021-01-19 |
| CVE-2021-21242 | Theonedev Onedev 代码问题漏洞 — onedevCWE-74 | 10.0 | Critical | 2021-01-15 |
| CVE-2021-21243 | Theonedev Onedev 代码问题漏洞 — onedevCWE-74 | 10.0 | Critical | 2021-01-15 |
| CVE-2021-21244 | Theonedev Onedev 代码代码注入漏洞 — onedevCWE-74 | 10.0 | Critical | 2021-01-15 |
| CVE-2020-24641 | HPE Aruba Airwave Glass 代码问题漏洞 — Aruba AirWave Glass Software | 7.5 | - | 2021-01-15 |
| CVE-2021-0210 | Juniper Networks Junos OS 信息泄露漏洞 — Junos OS | 6.8 | Medium | 2021-01-15 |
| CVE-2020-29495 | DELL Dell EMC Avamar Server 操作系统命令注入漏洞 — AvamarCWE-22 | 10.0 | Critical | 2021-01-14 |
| CVE-2020-29493 | DELL Dell EMC Avamar Server SQL注入漏洞 — AvamarCWE-89 | 10.0 | Critical | 2021-01-14 |
| CVE-2020-29015 | Fortinet FortiWeb SQL注入漏洞 — Fortinet FortiWeb | 9.8 | - | 2021-01-14 |
| CVE-2020-29016 | Fortinet FortiWeb 缓冲区错误漏洞 — Fortinet FortiWeb | 9.8 | - | 2021-01-14 |
| CVE-2020-29019 | Fortinet FortiWeb 缓冲区错误漏洞 — Fortinet FortiWeb | 7.5 | - | 2021-01-14 |
| CVE-2020-6776 | Bosch PRAESIDEO 和 Bosch PRAESENSA 跨站请求伪造漏洞 — PRAESIDEOCWE-352 | 8.8 | High | 2021-01-14 |
| CVE-2021-1310 | Cisco Webex Meetings 输入验证错误漏洞 — Cisco Webex MeetingsCWE-601 | 4.7 | Medium | 2021-01-13 |
| CVE-2021-1131 | Cisco Video Surveillance 8000 Series IP Cameras 缓冲区错误漏洞 — Cisco Video Surveillance 8000 Series IP CamerasCWE-119 | 6.5 | Medium | 2021-01-13 |
| CVE-2021-1245 | Cisco Finesse 跨站脚本漏洞 — Cisco Unified Customer Voice Portal (CVP)CWE-79 | 6.5 | Medium | 2021-01-13 |
| CVE-2021-1246 | Cisco Finesse 跨站脚本漏洞 — Cisco Unified Customer Voice Portal (CVP)CWE-306 | 6.5 | Medium | 2021-01-13 |
| CVE-2021-1242 | Cisco Webex Teams 安全漏洞 — Cisco Webex TeamsCWE-450 | 4.3 | Medium | 2021-01-13 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 19036 条 CVE 漏洞。