Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19401

19401 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2022-26845 多款Intel产品授权问题漏洞 — Intel(R) AMT 8.7 High2022-11-11
CVE-2022-20940 Cisco Firepower Threat Defense 安全漏洞 — Cisco Firepower Threat Defense SoftwareCWE-203 5.3 Medium2022-11-10
CVE-2022-20941 Cisco Firepower Management Center 安全特征问题漏洞 — Cisco Firepower Management CenterCWE-334 5.3 Medium2022-11-10
CVE-2022-20943 多款Cisco产品安全漏洞 — Cisco Firepower Threat Defense SoftwareCWE-244 5.8 Medium2022-11-10
CVE-2022-20922 多款Cisco产品安全漏洞 — Cisco Firepower Threat Defense SoftwareCWE-244 5.8 Medium2022-11-10
CVE-2022-20928 Cisco Adaptive Security Appliance(ASA)Software和Cisco Firepower Threat Defense(FTD)Software 安全漏洞 — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-863 5.8 Medium2022-11-10
CVE-2022-20950 Cisco Firepower Threat Defense 代码问题漏洞 — Cisco Firepower Threat Defense SoftwareCWE-770 5.8 Medium2022-11-10
CVE-2022-20826 Cisco Firepower Threat Defense 安全漏洞 — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-501 6.4 Medium2022-11-10
CVE-2022-20854 Cisco Firepower Management Center和Firepower Threat Defense 资源管理错误漏洞 — Cisco Firepower Management CenterCWE-400 7.5 High2022-11-10
CVE-2022-20918 Cisco Firepower Management Center 授权问题漏洞 — Cisco Firepower Management CenterCWE-284 7.5 High2022-11-10
CVE-2022-20947 Cisco Adaptive Security Appliance Software和Firepower Threat Defense(FTD)Software 缓冲区错误漏洞 — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-119 8.6 High2022-11-10
CVE-2022-20946 Cisco Firepower Threat Defense 缓冲区错误漏洞 — Cisco Firepower Threat Defense SoftwareCWE-122 8.6 High2022-11-10
CVE-2022-39037 FLOWRING Agentflow BPM - Path Traversal — Agentflow BPMCWE-22 7.5 High2022-11-10
CVE-2022-39036 FLOWRING Agentflow BPM - Arbitrary File Upload — Agentflow BPMCWE-434 9.8 Critical2022-11-10
CVE-2022-38122 POWERCOM CO., LTD. UPSMON PRO - Cleartext Transmission of Sensitive Information — UPSMON PROCWE-319 7.5 High2022-11-10
CVE-2022-38119 POWERCOM CO., LTD. UPSMON PRO - Broken Authentication — UPSMON PROCWE-287 9.8 Critical2022-11-10
CVE-2022-41876 ezplatform-graphql GraphQL queries can expose password hashes — ezplatform-graphqlCWE-200 7.5 High2022-11-10
CVE-2021-34568 WAGO I/O-Check Service prone to Allocation of Resources Without Limits or Throttling — 750-81xx/xxx-xxxFWCWE-770 7.5 High2022-11-09
CVE-2021-34567 WAGO I/O-Check Service prone to Out-of-bounds Read — 750-81xx/xxx-xxxFWCWE-125 8.2 High2022-11-09
CVE-2021-34566 WAGO I/O-Check Service prone to Memory Overflow — 750-81xx/xxx-xxxFWCWE-120 9.1 Critical2022-11-09
CVE-2022-39307 Grafana subject to Exposure of Sensitive Information resulting in User enumeration via forget password — grafanaCWE-200 6.7 Medium2022-11-09
CVE-2022-39892 Samsung Pass 授权问题漏洞 — Samsung PassCWE-287 3.6 Low2022-11-09
CVE-2022-31199 Netwrix Auditor 代码问题漏洞 — n/a 9.8 -2022-11-08
CVE-2022-33321 Mitsubishi Electric consumer electronics products 安全漏洞 — PHOTOVOLTAIC COLOR MONITOR ECO-GUIDE PV-DR006L-SET-MCWE-319 9.1 -2022-11-08
CVE-2022-33322 Mitsubishi Electric consumer electronics products 跨站脚本漏洞 — Air Conditioning MSZ-FD40/56/63/71/8022SCWE-79 6.1 -2022-11-08
CVE-2022-34822 NEC Expresscluster X 路径遍历漏洞 — CLUSTERPRO X 9.8 -2022-11-08
CVE-2022-34823 NEC Expresscluster X 安全漏洞 — CLUSTERPRO X 9.8 -2022-11-08
CVE-2022-34824 NEC Expresscluster X 安全漏洞 — CLUSTERPRO X 9.8 -2022-11-08
CVE-2022-34825 NEC Expresscluster X 代码问题漏洞 — CLUSTERPRO X 8.8 -2022-11-08
CVE-2022-39328 Grafana vulnerable to race condition allowing privilege escalation — grafanaCWE-362 9.8 Critical2022-11-08

Vulnerabilities classified as access:pre-auth represent 19401 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.