Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19065

19065 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2012-4752 ownCloud ‘appconfig.php’权限许可和访问控制漏洞 — n/a 6.5 -2012-09-05
CVE-2012-2670 Collabtive ‘manageuser.php’ 任意代码执行漏洞 — n/a 8.8 -2012-06-17
CVE-2011-4140 Django CSRF机制跨站请求伪造漏洞 — n/a 8.1 -2011-10-19
CVE-2011-1507 Digium Asterisk安全绕过和拒绝服务漏洞 — n/a 7.5 -2011-04-27
CVE-2010-4506 Oracle Passlogix v-GO Self-Service Password Reset和OEM加密问题漏洞 — n/a 6.8 -2011-02-07
CVE-2010-3482 Bouzouste Primitive CMS 'cms_write.php'多个SQL注入漏洞 — n/a 7.2 -2010-09-22
CVE-2010-2448 ZNC 'znc.cpp'空指针引用拒绝服务漏洞 — n/a 6.5 -2010-07-12
CVE-2009-3555 Apache HTTP Server 信任管理问题漏洞 — n/a 5.9 -2009-11-09
CVE-2009-1536 Microsoft .NET Framework请求调度远程拒绝服务漏洞 — n/a 7.5 -2009-08-12
CVE-2008-6760 ViArt Shop 'cart_save.php'信息泄露漏洞 — n/a 5.3 -2009-04-28
CVE-2008-6524 openInvoice 'resetpass.php'身份认证授权绕过漏洞 — n/a 6.5 -2009-03-25
CVE-2009-0964 Xlinesoft PHPRunner 脚本UserView_list.php SQL注入漏洞 — n/a 9.8 -2009-03-19
CVE-2009-0275 ryneezy phosheezy 代码注入漏洞 — n/a 9.8 -2009-01-26
CVE-2009-0251 ryneezy phosheezy 'admin.php'代码注入漏洞 — n/a 9.8 -2009-01-22
CVE-2008-5673 phparanoid 权限许可和访问控制漏洞 — n/a 9.8 -2008-12-18
CVE-2008-5408 Symantec Backup Exec for Windows Servers 数据管理协议缓冲区溢出漏洞 — n/a 8.8 -2008-12-09
CVE-2008-4875 Philips VOIP841 DECT Phone web GET请求目录遍历漏洞 — n/a 8.1 -2008-10-31
CVE-2008-3909 Django Login Form 跨站脚本攻击漏洞 — n/a 8.1 -2008-09-04
CVE-2008-3283 RedHat 目录服务器内存泄露 拒绝服务漏洞 — n/a 7.5 -2008-08-29
CVE-2008-1381 ZoneMinder ZoneMinder多个未明远程代码执行漏洞 — n/a 8.8 -2008-05-01
CVE-2008-1923 asterisk 拒绝服务漏洞 — n/a 5.9 -2008-04-23
CVE-2008-1897 Asterisk IAX2报文放大远程拒绝服务漏洞 — n/a 8.8 -2008-04-23
CVE-2008-1813 Oracle 2008年4月更新修复多个安全漏洞 — n/a 9.8 -2008-04-16
CVE-2008-0210 RETIRED: UebiMiau 'error.php'访问控制绕过漏洞 — n/a 9.8 -2008-01-10
CVE-2007-5914 Jean Jean Charles JBC Explorer post.php 直接静态代码注入漏洞 — n/a 9.8 -2007-11-10
CVE-2007-5772 Flatnuke3 文件管理模块 未授权访问漏洞 — n/a 9.8 -2007-11-01
CVE-2003-1434 login_ldap模块未授权访问漏洞 — n/a 9.1 -2007-10-23
CVE-2007-5508 Oracle CTX_DOC软件包多个SQL注入漏洞 — n/a 8.8 -2007-10-17
CVE-2007-5231 Zomplog 'admin/upload_files.php' 不限制文件上传漏洞 — n/a 7.2 -2007-10-05
CVE-2007-4430 Cisco IOS "show ip bgp regexp"命令远程拒绝服务漏洞 — n/a 7.5 -2007-08-20

Vulnerabilities classified as access:pre-auth represent 19065 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.