目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1336 CNY

100%

access:pre-auth 标签下的 CVE 漏洞 20836

access:pre-auth 类型相关 20836 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。

“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。

CVE IDタイトルCVSS深刻度公開日
CVE-2019-5426 Ubiquiti Networks EdgeSwitch X 授权问题漏洞 — EdgeMAXCWE-287 7.4 -2019-04-10
CVE-2019-7139 Magento SQL注入漏洞 — Magento Open Source 7.5 -2019-04-10
CVE-2019-8990 TIBCO ActiveMatrix BusinessWorks Fails To Properly Enforce Authentication — TIBCO ActiveMatrix BusinessWorks 8.1 -2019-04-09
CVE-2019-3941 Advantech WebAccess 访问控制错误漏洞 — WebAccess 7.5 -2019-04-09
CVE-2019-3940 Advantech WebAccess 代码问题漏洞 — WebAccessCWE-434 9.8 -2019-04-09
CVE-2019-1798 Clam AntiVirus PE File Out-of-Bounds Read Vulnerability — ClamAVCWE-20 5.5 -2019-04-08
CVE-2019-1788 ClamAV OLE2 File Out-Of-Bounds Write Vulnerability — ClamAVCWE-20 5.5 -2019-04-08
CVE-2019-1787 Clam AntiVirus PDF Denial of Service Vulnerability — ClamAVCWE-20 5.5 -2019-04-08
CVE-2019-1785 Clam AntiVirus RAR Directory Traversal Vulnerability — ClamAVCWE-20 7.8 -2019-04-08
CVE-2019-1786 Clam AntiVirus PDF Out-of-Bounds Read Vulnerability — ClamAVCWE-20 5.5 -2019-04-08
CVE-2018-1885 IBM Business Automation Workflow 信息泄露漏洞 — Business Automation Workflow 7.5 -2019-04-08
CVE-2019-1828 Cisco Small Business RV320 and RV325 Routers Weak Credential Encryption Vulnerability — Cisco Small Business RV Series Router FirmwareCWE-327 8.1 -2019-04-04
CVE-2019-1827 Cisco Small Business RV320 and RV325 Routers Online Help Reflected Cross-Site Scripting Vulnerability — Cisco Small Business RV Series Router FirmwareCWE-79 6.1 -2019-04-04
CVE-2019-10842 bootstrap-sass 代码注入漏洞 — n/a 9.8 -2019-04-04
CVE-2018-18035 OpenEMR 跨站脚本漏洞 — n/a 6.1 -2019-04-02
CVE-2017-6047 Detcon SiteWatch Gateway 信任管理问题漏洞 — Sitewatch GatewayCWE-287 9.8 -2019-04-02
CVE-2017-8023 EMC Networker Remote Code Execution Vulnerability — Networker 9.8 -2019-04-01
CVE-2019-5514 VMware Fusion 输入验证错误漏洞 — VMware Fusion 8.8 -2019-04-01
CVE-2019-3489 Micro Focus Content Manager Web Client组件安全漏洞 — Micro Focus Content Manager 9.1 -2019-04-01
CVE-2019-5891 OverIT Geocall 访问控制错误漏洞 — n/a 9.8 -2019-04-01
CVE-2019-10655 多款Grandstream产品操作系统命令注入漏洞 — n/a 9.8 -2019-03-30
CVE-2018-20378 OpenSynergy Blue SDK 输入验证错误漏洞 — n/a 7.5 -2019-03-29
CVE-2019-3710 DSA-2019-034: Dell EMC Networking OS10 Undocumented Default Cryptographic Key Vulnerability — Dell EMC Networking OS10 8.1 -2019-03-28
CVE-2019-6542 ENTTEC Datagate MK2 访问控制错误漏洞 — Datagate MK2CWE-306 7.5 -2019-03-28
CVE-2017-18365 GitHub 安全漏洞 — n/a 9.8 -2019-03-28
CVE-2019-1759 Cisco IOS XE Software Gigabit Ethernet Management Interface Access Control List Bypass Vulnerability — Cisco IOS XE SoftwareCWE-284 5.3 -2019-03-28
CVE-2019-1760 Cisco IOS XE Software Performance Routing Version 3 Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-20 5.9 -2019-03-28
CVE-2019-1761 Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability — Cisco IOS and IOS XE SoftwareCWE-665 6.5 -2019-03-28
CVE-2019-1757 Cisco IOS and IOS XE Software Smart Call Home Certificate Validation Vulnerability — Cisco IOS and IOS XE SoftwareCWE-295 5.9 -2019-03-28
CVE-2019-1758 Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability — Cisco IOS SoftwareCWE-287 4.3 -2019-03-28

access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 20836 条 CVE 漏洞。