access:pre-auth 类型相关 21456 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2024-55971 | Logitime WebClock 安全漏洞 — n/a | 9.8 | - | 2025-01-23 |
| CVE-2025-20165 | Cisco BroadWorks 代码问题漏洞 — Cisco BroadWorksCWE-789 | 7.5 | High | 2025-01-22 |
| CVE-2025-20128 | ClamAV 安全漏洞 — Cisco Secure EndpointCWE-122 | 5.3 | Medium | 2025-01-22 |
| CVE-2024-13496 | WordPress plugin GamiPress SQL注入漏洞 — GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPressCWE-89 | 7.5 | High | 2025-01-22 |
| CVE-2024-13499 | WordPress plugin GamiPress 代码注入漏洞 — GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPressCWE-94 | 7.3 | High | 2025-01-22 |
| CVE-2024-13495 | WordPress plugin GamiPress 代码注入漏洞 — GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPressCWE-94 | 7.3 | High | 2025-01-22 |
| CVE-2024-13319 | WordPress plugin Themify Builder 跨站脚本漏洞 — Themify BuilderCWE-79 | 6.1 | Medium | 2025-01-22 |
| CVE-2024-12857 | WordPress plugin AdForest 安全漏洞 — AdForestCWE-288 | 9.8 | Critical | 2025-01-22 |
| CVE-2024-13406 | WordPress plugin XML for Google Merchant Center 跨站脚本漏洞 — XML for Google Merchant CenterCWE-79 | 6.1 | Medium | 2025-01-22 |
| CVE-2024-13426 | WordPress plugin WP-Polls SQL注入漏洞 — WP-PollsCWE-89 | 5.4 | Medium | 2025-01-22 |
| CVE-2024-13091 | WordPress plugin WPBot Pro Wordpress Chatbot 代码问题漏洞 — WPBot Pro Wordpress ChatbotCWE-434 | 9.8 | Critical | 2025-01-21 |
| CVE-2025-21570 | Oracle Health Sciences Applications 安全漏洞 — Oracle Life Sciences Argus Safety | 6.1 | Medium | 2025-01-21 |
| CVE-2025-21565 | Oracle Supply Chain Products Suite 安全漏洞 — Oracle Agile PLM Framework | 7.5 | High | 2025-01-21 |
| CVE-2025-21554 | Oracle Communications Order and Service Management 安全漏洞 — Oracle Communications Order and Service Management | 5.3 | Medium | 2025-01-21 |
| CVE-2025-21549 | Oracle Fusion Middleware 安全漏洞 — Oracle WebLogic Server | 7.5 | High | 2025-01-21 |
| CVE-2025-21550 | Oracle Financial Services Applications 安全漏洞 — Oracle Financial Services Behavior Detection Platform | 6.1 | Medium | 2025-01-21 |
| CVE-2025-21547 | Oracle Hospitality Applications 安全漏洞 — Oracle Hospitality OPERA 5 | 9.1 | Critical | 2025-01-21 |
| CVE-2025-21545 | Oracle PeopleSoft Enterprise PeopleTools 安全漏洞 — PeopleSoft Enterprise PeopleTools | 7.5 | High | 2025-01-21 |
| CVE-2025-21538 | Oracle JD Edwards Products 跨站请求伪造漏洞 — JD Edwards EnterpriseOne Tools | 6.1 | Medium | 2025-01-21 |
| CVE-2025-21535 | Oracle Fusion Middleware 访问控制错误漏洞 — Oracle WebLogic Server | 9.8 | Critical | 2025-01-21 |
| CVE-2025-21527 | Oracle JD Edwards Products 安全漏洞 — JD Edwards EnterpriseOne Tools | 6.1 | Medium | 2025-01-21 |
| CVE-2025-21528 | Oracle Construction and Engineering Suite 安全漏洞 — Primavera P6 Enterprise Project Portfolio Management | 4.3 | Medium | 2025-01-21 |
| CVE-2025-21524 | Oracle JD Edwards Products 安全漏洞 — JD Edwards EnterpriseOne Tools | 9.8 | Critical | 2025-01-21 |
| CVE-2025-21521 | Oracle MySQL Server 安全漏洞 — MySQL Server | 7.5 | High | 2025-01-21 |
| CVE-2025-21512 | Oracle JD Edwards Products 安全漏洞 — JD Edwards EnterpriseOne Tools | 6.1 | Medium | 2025-01-21 |
| CVE-2025-21513 | Oracle JD Edwards Products 安全漏洞 — JD Edwards EnterpriseOne Tools | 6.1 | Medium | 2025-01-21 |
| CVE-2025-21514 | Oracle JD Edwards Products 安全漏洞 — JD Edwards EnterpriseOne Tools | 5.3 | Medium | 2025-01-21 |
| CVE-2025-21510 | Oracle JD Edwards Products 安全漏洞 — JD Edwards EnterpriseOne Tools | 7.5 | High | 2025-01-21 |
| CVE-2025-21511 | Oracle JD Edwards Products 安全漏洞 — JD Edwards EnterpriseOne Tools | 7.5 | High | 2025-01-21 |
| CVE-2025-21502 | Oracle Java SE 安全漏洞 — Oracle Java SE | 4.8 | Medium | 2025-01-21 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21456 条 CVE 漏洞。