Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19413

19413 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2006-4986 Grayscale BandSite CMS 多个输入验证漏洞 — n/a 7.5 -2006-09-26
CVE-2006-4585 TR Forum SQL注入及认证绕过漏洞 — n/a 8.8 -2006-09-06
CVE-2006-4586 TR Forum SQL注入及认证绕过漏洞 — n/a 8.8 -2006-09-06
CVE-2006-3939 ScriptsCenter ezUpload Pro 多个未授权访问漏洞 — n/a 9.8 -2006-07-31
CVE-2006-3558 Arif Supriyanto auraCMS 跨站脚本攻击(XSS) 漏洞 — n/a 6.1 -2006-07-13
CVE-2006-2370 Microsoft Windows 路由和远程访问服务 缓冲区溢出漏洞 — n/a 9.8 -2006-06-13
CVE-2006-2371 Microsoft Windows RASMAN服务 栈溢出漏洞 — n/a 9.8 -2006-06-13
CVE-2006-1721 Apple Mac OS X多个命令执行及拒绝服务漏洞 — n/a 7.5 -2006-04-11
CVE-2006-1704 SIRE upload.php 文件上传漏洞 — n/a 9.1 -2006-04-11
CVE-2006-1083 PHP-Stats多个输入验证和信息泄露漏洞 — n/a 9.8 -2006-03-09
CVE-2006-1087 PHP-Stats 'admin.php'直接静态代码注入漏洞 — n/a 9.8 -2006-03-09
CVE-2006-0677 CrossFire拒绝服务漏洞 — n/a 7.5 -2006-02-14
CVE-2006-0374 ACT P202S VOIP WIFI Phones多个远程漏洞 — n/a 7.5 -2006-01-22
CVE-2006-0228 GRSecurity Linux服务以高权限执行漏洞 — n/a 7.5 -2006-01-17
CVE-2005-3656 多家厂商mod_auth_pgsql格式串处理漏洞 — n/a 9.8 -2006-01-06
CVE-2005-3802 Belkin无线路由器远程认证绕过漏洞 — n/a 9.8 -2005-11-24
CVE-2005-3715 Senao SI-680H VOIP WIFI电话VxWorks远程调试器访问漏洞 — n/a 9.8 -2005-11-21
CVE-2002-2149 Lucent Access Point IP 服务路由器超长HTTP请求服务拒绝漏洞 — n/a 7.5 -2005-11-16
CVE-2003-1264 Longshine Wireless Access Point设备信息泄露漏洞 — n/a 9.8 -2005-11-16
CVE-2005-2424 Siemens Santis 50无线路由器 拒绝服务漏洞 — n/a 7.5 -2005-08-03
CVE-2000-1228 Phorum admin.php3无需验证修改管理员口令漏洞 — n/a 9.1 -2005-07-14
CVE-2004-2166 Canon ImageRUNNER 5000打印机邮件打印漏洞 — n/a 7.5 -2005-07-10
CVE-2005-2168 PlagueNewsSystem delete.php 绕过认证漏洞 — n/a 7.5 -2005-07-06
CVE-2005-0771 Veritas Backup Exec Server远程访问漏洞 — n/a 7.5 -2005-06-29
CVE-2002-1810 D-Link DWL-900AP+ TFTP服务器任意文件获取漏洞 — n/a 7.5 -2005-06-28
CVE-2001-1484 Alcatel ADSL调制解调器 — n/a 6.5 -2005-06-21
CVE-2005-1709 Blue Coat Reporter License HTML注入漏洞 — n/a 7.5 -2005-05-24
CVE-2004-1088 Apple Mac OS X多个远程和本地安全漏洞 — n/a 3.7 -2005-04-14
CVE-2005-0819 Novell Netware Xsession未授权服务器控制台访问漏洞 — n/a 7.2 -2005-03-20
CVE-2005-0746 Novell iChain Mini FTP Server非授权远程路径泄漏漏洞 — n/a 5.3 -2005-03-13

Vulnerabilities classified as access:pre-auth represent 19413 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.