Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 20447

20447 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2018-15449 Cisco Video Surveillance Media Server Denial of Service Vulnerability — Cisco Video Surveillance Media Server SoftwareCWE-20 6.5 -2018-11-08
CVE-2018-15446 Cisco Meeting Server Information Disclosure Vulnerability — Cisco Meeting ServerCWE-200 7.5 -2018-11-08
CVE-2018-15381 Cisco Unity Express Arbitrary Command Execution Vulnerability — Cisco Unity ExpressCWE-502 9.8 -2018-11-08
CVE-2018-15393 Cisco Content Security Management Appliance (SMA) Cross-Site Scripting Vulnerability — Cisco Content Security Management Appliance (SMA)CWE-79 6.1 -2018-11-08
CVE-2018-15394 Cisco Stealthwatch Management Console Authentication Bypass Vulnerability — Cisco Stealthwatch EnterpriseCWE-284 9.8 -2018-11-08
CVE-2018-15439 Cisco Small Business Switches Privileged Access Vulnerability — Cisco Small Business 300 Series Managed SwitchesCWE-798 9.8 -2018-11-08
CVE-2018-15443 Cisco Firepower Detection Engine TCP Intrusion Prevention System Rule Bypass Vulnerability — Cisco Firepower Management CenterCWE-400 7.5 -2018-11-08
CVE-2018-19079 Foscam OptiCam i5 访问控制错误漏洞 — n/a 7.5 -2018-11-07
CVE-2018-19080 Foscam OptiCam i5 跨站脚本漏洞 — n/a 6.1 -2018-11-07
CVE-2018-14667 RichFaces Framework 代码注入漏洞 — RichFacesCWE-94 9.8 -2018-11-06
CVE-2018-9208 jQuery Picture Cut 输入验证漏洞 — jQuery Picture Cut 9.8 -2018-11-05
CVE-2018-18950 KindEditor 路径遍历漏洞 — n/a 7.5 -2018-11-05
CVE-2018-17922 CIRCONTROL CirCarLife 日志信息泄露漏洞 — Circontrol CirCarLife all versions prior to 4.3.1CWE-522 9.1 -2018-11-02
CVE-2018-17914 Schneider Electric InduSoft Web Studio和InTouch Edge HMI 安全漏洞 — InduSoft Web Studio, and InTouch Edge HMI (formerly InTouch Machine Edition)CWE-258 9.8 -2018-11-02
CVE-2018-6908 Green Electronics RainMachine Mini-8和Touch HD 12 Web应用程序安全漏洞 — n/a 9.8 -2018-11-01
CVE-2018-15454 Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-20 8.6 -2018-11-01
CVE-2018-18657 Arcserve Unified Data Protection 信息泄露漏洞 — n/a 7.5 -2018-10-26
CVE-2018-18658 Arcserve Unified Data Protection 信息泄露漏洞 — n/a 7.5 -2018-10-26
CVE-2018-18659 Arcserve Unified Data Protection 安全漏洞 — n/a 9.8 -2018-10-26
CVE-2018-18013 Citrix Xen Mobile 安全漏洞 — n/a 8.8 -2018-10-24
CVE-2018-12901 Mitel ST conferencing组件跨站脚本漏洞 — n/a 6.1 -2018-10-23
CVE-2018-16226 Mitel MiVoice Office 400 web admin组件跨站脚本漏洞 — n/a 6.1 -2018-10-23
CVE-2018-15703 Advantech WebAccess 跨站脚本漏洞 — Advantech WebAccess 6.1 -2018-10-22
CVE-2018-18428 TP-Link TL-SC3130 安全漏洞 — n/a 9.1 -2018-10-19
CVE-2018-0441 Cisco IOS Access Points Software 802.11r Fast Transition Denial of Service Vulnerability — Cisco Aironet Access Point SoftwareCWE-400 7.4 -2018-10-17
CVE-2018-0442 Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Information Disclosure Vulnerability — Cisco Wireless LAN Controller (WLC)CWE-200 7.5 -2018-10-17
CVE-2018-0443 Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Denial of Service Vulnerability — Cisco Wireless LAN Controller (WLC)CWE-399 7.5 -2018-10-17
CVE-2018-15435 Cisco SocialMiner Cross-Site Scripting Vulnerability — Cisco SocialMinerCWE-79 6.1 -2018-10-17
CVE-2018-15438 Cisco Prime Collaboration Assurance Cross-Site Request Forgery Vulnerability — Cisco Prime Collaboration AssuranceCWE-352 8.8 -2018-10-17
CVE-2018-0378 Cisco NX-OS Software for Nexus 5500, 5600, and 6000 Series Switches Precision Time Protocol Denial of Service Vulnerability — Cisco NX-OS Software for Nexus 6000 SeriesCWE-20 8.6 -2018-10-17

Vulnerabilities classified as access:pre-auth represent 20447 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.