Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

access:pre-auth — CVE vulnerabilities tagged 21435

21435 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2024-57680 D-Link DIR-816 安全漏洞 — n/a 7.5 -2025-01-16
CVE-2024-57681 D-Link DIR-816 安全漏洞 — n/a 5.3 -2025-01-16
CVE-2024-57682 D-Link DIR-816 安全漏洞 — n/a 7.5 -2025-01-16
CVE-2024-57683 D-Link DIR-816 安全漏洞 — n/a 5.3 -2025-01-16
CVE-2024-57684 D-Link DIR-816 安全漏洞 — n/a 5.3 -2025-01-16
CVE-2025-0215 UpdraftPlus - Backup/Restore <= 1.24.12 - Reflected Cross-Site Scripting — UpdraftPlus: WP Backup & Migration PluginCWE-79 6.1 Medium2025-01-15
CVE-2024-8603 B&R Automation Runtime 加密问题漏洞 — Automation RuntimeCWE-327 7.5 High2025-01-15
CVE-2024-11322 CyberPower PowerPanel Business Unauthenticated Restart DoS — PowerPanel BusinessCWE-287 7.5 High2025-01-15
CVE-2024-12403 Image Gallery – Responsive Photo Gallery <= 1.0.5 - Reflected Cross-Site Scripting — Awesome Responsive Photo Gallery – Image & Video Lightbox GalleryCWE-79 6.1 Medium2025-01-15
CVE-2024-12423 Contact Form 7 Redirect & Thank You Page <= 1.0.7 - Reflected Cross-Site Scripting — Business Essentials for Contact Form 7CWE-79 6.1 Medium2025-01-15
CVE-2024-9636 Post Grid and Gutenberg Blocks 2.2.85 - 2.3.3 - Unauthenticated Privilege Escalation — Post Grid and Gutenberg Blocks – ComboBlocksCWE-269 9.8 Critical2025-01-15
CVE-2024-4227 gSOAP: Vulnerable to specially crafted unencrypted SDC messages — gSOAPCWE-834 7.5 High2025-01-15
CVE-2024-13334 Car Demon <= 1.8.1 - Reflected Cross-Site Scripting — Car DemonCWE-79 6.1 Medium2025-01-15
CVE-2024-57727 SimpleHelp 安全漏洞 — n/a 7.5 -2025-01-15
CVE-2025-22964 DDSN Interactive cm3 Acora CMS 安全漏洞 — n/a 9.1 -2025-01-15
CVE-2024-48858 Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform — QNX Software Development Platform (SDP)CWE-1287 7.5 High2025-01-14
CVE-2024-48857 Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform — QNX Software Development Platform (SDP)CWE-476 7.5 High2025-01-14
CVE-2024-48856 Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform — QNX Software Development Platform (SDP)CWE-787 9.8 Critical2025-01-14
CVE-2024-49375 Remote Code Execution via Remote Model Loading in Rasa — rasa-pro-security-advisoriesCWE-94 9.1 Critical2025-01-14
CVE-2024-48855 Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform — QNX Software Development Platform (SDP)CWE-125 5.3 Medium2025-01-14
CVE-2024-48854 Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform — QNX Software Development Platform (SDP)CWE-193 5.3 Medium2025-01-14
CVE-2024-13163 Ivanti EPM 代码问题漏洞 — Endpoint ManagerCWE-502 7.8 High2025-01-14
CVE-2024-13165 Ivanti EPM 缓冲区错误漏洞 — Endpoint ManagerCWE-787 7.5 High2025-01-14
CVE-2024-13166 Ivanti EPM 缓冲区错误漏洞 — Endpoint ManagerCWE-787 7.5 High2025-01-14
CVE-2024-13167 Ivanti EPM 缓冲区错误漏洞 — Endpoint ManagerCWE-787 7.5 High2025-01-14
CVE-2024-13168 Ivanti EPM 缓冲区错误漏洞 — Endpoint ManagerCWE-787 7.5 High2025-01-14
CVE-2024-13170 Ivanti EPM 缓冲区错误漏洞 — Endpoint ManagerCWE-787 7.5 High2025-01-14
CVE-2024-13171 Ivanti EPM 代码问题漏洞 — Endpoint ManagerCWE-434 7.8 High2025-01-14
CVE-2024-13172 Ivanti EPM 数据伪造问题漏洞 — Endpoint ManagerCWE-347 7.8 High2025-01-14
CVE-2024-13159 Ivanti EPM 安全漏洞 — Endpoint ManagerCWE-36 9.8 Critical2025-01-14

Vulnerabilities classified as access:pre-auth represent 21435 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.