access:pre-auth 类型相关 21462 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2024-49581 | Palantir Foundry 安全漏洞 — com.palantir.gotham:external-artifactsCWE-862 | 6.5 | Medium | 2024-12-02 |
| CVE-2024-5890 | ServiceNow Now Platform 安全漏洞 — Now PlatformCWE-79 | 4.3 | Medium | 2024-12-02 |
| CVE-2024-8785 | Progress Software WhatsUp Gold 安全漏洞 — WhatsUp GoldCWE-648 | 9.8 | Critical | 2024-12-02 |
| CVE-2024-46909 | Progress Software WhatsUp Gold 安全漏洞 — WhatsUp GoldCWE-22 | 9.8 | Critical | 2024-12-02 |
| CVE-2024-10490 | B&R Industrial Automation mapp 安全漏洞 — B&R mapp CockpitCWE-288 | 9.8 | - | 2024-12-02 |
| CVE-2024-11252 | WordPress plugin Sassy Social Share 跨站脚本漏洞 — Social Sharing Plugin – Sassy Social ShareCWE-79 | 6.1 | Medium | 2024-11-30 |
| CVE-2024-11482 | Trellix Enterprise Security Manager 安全漏洞 — Trellix Enterprise Security Manager (ESM)CWE-78 | 9.8 | Critical | 2024-11-29 |
| CVE-2024-11481 | Trellix Enterprise Security Manager 安全漏洞 — Trellix Enterprise Security Manager (ESM)CWE-22 | 8.2 | High | 2024-11-29 |
| CVE-2024-11980 | Billion Electric多款产品 安全漏洞 — M100CWE-306 | 8.6 | High | 2024-11-29 |
| CVE-2024-53701 | FCNT 访问控制错误漏洞 — arrows N F-51CCWE-306 | 5.7 | - | 2024-11-29 |
| CVE-2024-11979 | Interinfo DreamMaker 安全漏洞 — DreamMaker | 9.8 | Critical | 2024-11-29 |
| CVE-2024-11978 | Interinfo DreamMaker 安全漏洞 — DreamMakerCWE-36 | 7.5 | High | 2024-11-29 |
| CVE-2024-11103 | WordPress plugin Contest Gallery 授权问题漏洞 — Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & StripeCWE-640 | 9.8 | Critical | 2024-11-28 |
| CVE-2024-11599 | Mattermost 安全漏洞 — MattermostCWE-754 | 8.2 | High | 2024-11-28 |
| CVE-2024-11684 | WordPress plugin Kudos Donations 跨站脚本漏洞 — Kudos Donations: Easy Donations with Mollie | One-off & Recurring | PDF Invoices | Buttons & FormsCWE-79 | 6.1 | Medium | 2024-11-28 |
| CVE-2024-11458 | WordPress plugin FAQ Builder AYS 跨站脚本漏洞 — FAQ Builder AYSCWE-79 | 6.1 | Medium | 2024-11-28 |
| CVE-2024-11685 | WordPress plugin Kudos Donations 跨站脚本漏洞 — Kudos Donations: Easy Donations with Mollie | One-off & Recurring | PDF Invoices | Buttons & FormsCWE-79 | 6.1 | Medium | 2024-11-28 |
| CVE-2024-11366 | WordPress plugin SEO Landing Page Generator 跨站脚本漏洞 — SEO Landing Page GeneratorCWE-79 | 6.1 | Medium | 2024-11-28 |
| CVE-2024-11925 | WordPress plugin JobSearch 安全漏洞 — JobSearch WP Job BoardCWE-288 | 9.8 | Critical | 2024-11-28 |
| CVE-2024-10521 | WordPress plugin WordPress Contact Forms by Cimatti 跨站请求伪造漏洞 — Contact Forms by CimattiCWE-352 | 4.3 | Medium | 2024-11-27 |
| CVE-2024-10580 | WordPress plugin Hustle – Email Marketing, Lead Generation, Optins, Popups 安全漏洞 — Hustle – Email Marketing, Lead Generation, Optins, PopupsCWE-862 | 5.3 | Medium | 2024-11-27 |
| CVE-2024-11219 | WordPress plugin Otter Blocks 路径遍历漏洞 — Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSECWE-22 | 5.3 | Medium | 2024-11-27 |
| CVE-2024-11083 | WordPress plugin ProfilePress 信息泄露漏洞 — Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePressCWE-200 | 5.3 | Medium | 2024-11-27 |
| CVE-2024-46054 | OpenVidReview 安全漏洞 — n/a | 9.1AI | CriticalAI | 2024-11-27 |
| CVE-2024-53673 | Hewlett Packard Enterprise Insight Remote Support 安全漏洞 — Insight Remote SupportCWE-502 | 8.1 | High | 2024-11-26 |
| CVE-2024-49035 | Microsoft Partner Center 安全漏洞 — Microsoft Partner CenterCWE-269 | 8.7 | High | 2024-11-26 |
| CVE-2024-10240 | GitLab Enterprise Edition 安全漏洞 — GitLabCWE-497 | 5.3 | Medium | 2024-11-26 |
| CVE-2024-11145 | Valor Apps Easy Folder Listing Pro 安全漏洞 — Easy Folder Listing ProCWE-502 | 9.8 | Critical | 2024-11-26 |
| CVE-2024-10878 | WordPress plugin Sugar Calendar 跨站脚本漏洞 — Sugar Calendar – Events Calendar, Event Tickets, and Events Management PlatformCWE-79 | 6.1 | Medium | 2024-11-26 |
| CVE-2024-52336 | tuned 安全漏洞 CWE-269 | 7.8 | High | 2024-11-26 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 21462 条 CVE 漏洞。