Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19065

19065 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2007-4103 Asterisk IAX2隧道驱动拒绝服务攻击漏洞 — n/a 7.5 -2007-07-31
CVE-2007-3312 Jasmine CMS admin/plugin_manager.php 目录遍历漏洞 — n/a 9.8 -2007-06-21
CVE-2007-2912 Jelsoft vBulletin 未明漏洞 — n/a 5.3 -2007-05-30
CVE-2007-2148 Stephen Craton Chatness 'admin/save.php' 直接静态代码注入漏洞 — n/a 6.8 -2007-04-19
CVE-2007-2082 MyBlog 'settings.php'静态代码注入漏洞 — n/a 7.2 -2007-04-18
CVE-2007-1970 Mozilla Firefox HTTP元素 钓鱼攻击漏洞 — n/a 6.5 -2007-04-11
CVE-2007-1255 Connectix Boards dmin.bbcode.php 未限制文件上传漏洞 — n/a 9.8 -2007-03-03
CVE-2007-0370 phpBP 'index.php' RC3文件上传漏洞 — n/a 7.2 -2007-01-19
CVE-2007-0193 FON La Fonera路由器允许匿名Web访问漏洞 — n/a 7.5 -2007-01-11
CVE-2006-6347 TFT-Gallery‘index.php’无限制文件上载漏洞 — n/a 7.2 -2006-12-07
CVE-2006-5986 Extreme admin/options.php 权限认证和访问控制漏洞 — n/a 6.1 -2006-11-20
CVE-2006-4390 Apple Mac OS CFNetwork 匿名SSL连接漏洞 — n/a 6.5 -2006-10-02
CVE-2006-4986 Grayscale BandSite CMS 多个输入验证漏洞 — n/a 7.5 -2006-09-26
CVE-2006-4585 TR Forum SQL注入及认证绕过漏洞 — n/a 8.8 -2006-09-06
CVE-2006-4586 TR Forum SQL注入及认证绕过漏洞 — n/a 8.8 -2006-09-06
CVE-2006-3939 ScriptsCenter ezUpload Pro 多个未授权访问漏洞 — n/a 9.8 -2006-07-31
CVE-2006-3558 Arif Supriyanto auraCMS 跨站脚本攻击(XSS) 漏洞 — n/a 6.1 -2006-07-13
CVE-2006-2370 Microsoft Windows 路由和远程访问服务 缓冲区溢出漏洞 — n/a 9.8 -2006-06-13
CVE-2006-2371 Microsoft Windows RASMAN服务 栈溢出漏洞 — n/a 9.8 -2006-06-13
CVE-2006-1721 Apple Mac OS X多个命令执行及拒绝服务漏洞 — n/a 7.5 -2006-04-11
CVE-2006-1704 SIRE upload.php 文件上传漏洞 — n/a 9.1 -2006-04-11
CVE-2006-1083 PHP-Stats多个输入验证和信息泄露漏洞 — n/a 9.8 -2006-03-09
CVE-2006-1087 PHP-Stats 'admin.php'直接静态代码注入漏洞 — n/a 9.8 -2006-03-09
CVE-2006-0677 CrossFire拒绝服务漏洞 — n/a 7.5 -2006-02-14
CVE-2006-0374 ACT P202S VOIP WIFI Phones多个远程漏洞 — n/a 7.5 -2006-01-22
CVE-2006-0228 GRSecurity Linux服务以高权限执行漏洞 — n/a 7.5 -2006-01-17
CVE-2005-3656 多家厂商mod_auth_pgsql格式串处理漏洞 — n/a 9.8 -2006-01-06
CVE-2005-3802 Belkin无线路由器远程认证绕过漏洞 — n/a 9.8 -2005-11-24
CVE-2005-3715 Senao SI-680H VOIP WIFI电话VxWorks远程调试器访问漏洞 — n/a 9.8 -2005-11-21
CVE-2002-2149 Lucent Access Point IP 服务路由器超长HTTP请求服务拒绝漏洞 — n/a 7.5 -2005-11-16

Vulnerabilities classified as access:pre-auth represent 19065 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.