Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19401

19401 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2022-22201 SRX5000 Series with SPC3, SRX4000 Series, and vSRX: When PowerMode IPsec is configured, the PFE will crash upon receipt of a malformed ESP packet — Junos OSCWE-1285 7.5 High2022-10-18
CVE-2022-22192 Junos OS Evolved: PTX Series: An attacker can cause a kernel panic by sending a malformed TCP packet to the device — Junos OS Evolved 7.5 High2022-10-18
CVE-2022-21587 Oracle E-Business Suite 访问控制错误漏洞 — Web Applications Desktop Integrator 9.8 Critical2022-10-18
CVE-2022-21593 Oracle HTTP Server 安全漏洞 — HTTP Server 7.1 High2022-10-18
CVE-2022-21597 Oracle GraalVM 安全漏洞 — GraalVM Enterprise Edition 5.3 Medium2022-10-18
CVE-2022-21598 Oracle Siebel CRM 安全漏洞 — Siebel Core - DB Deployment and Configuration 7.5 High2022-10-18
CVE-2022-21601 Oracle Communications Billing and Revenue Management 安全漏洞 — Communications Billing and Revenue Management 6.5 Medium2022-10-18
CVE-2022-21602 Oracle PeopleSoft Enterprise PeopleTools 安全漏洞 — PeopleSoft Enterprise PT PeopleTools 5.3 Medium2022-10-18
CVE-2022-21606 Oracle Database Server 跨站脚本漏洞 — Services for Microsoft Transaction Server 6.1 Medium2022-10-18
CVE-2022-21613 Oracle Fusion Middleware 安全漏洞 — Enterprise Data Quality 8.8 High2022-10-18
CVE-2022-21614 Oracle Fusion Middleware 安全漏洞 — Enterprise Data Quality 7.5 High2022-10-18
CVE-2022-21615 Oracle Fusion Middleware 安全漏洞 — Enterprise Data Quality 7.4 High2022-10-18
CVE-2022-21618 Oracle Java SE和Oracle GraalVM 安全漏洞 — Java SE JDK and JRE 5.3 Medium2022-10-18
CVE-2022-21619 Oracle Java SE 安全漏洞 — Java SE JDK and JRE 3.7 Low2022-10-18
CVE-2022-21622 Oracle Fusion Middleware 安全漏洞 — SOA Suite 7.5 High2022-10-18
CVE-2022-21623 Oracle Enterprise Manager Base Platform 安全漏洞 — Enterprise Manager Base Platform 7.5 High2022-10-18
CVE-2022-21624 Oracle Java SE和Oracle GraalVM 安全漏洞 — Java SE JDK and JRE 3.7 Low2022-10-18
CVE-2022-21626 Oracle Java SE 安全漏洞 — Java SE JDK and JRE 5.3 Medium2022-10-18
CVE-2022-21628 Oracle Java SE和Oracle GraalVM 安全漏洞 — Java SE JDK and JRE 5.3 Medium2022-10-18
CVE-2022-21630 Oracle JD Edwards Products 安全漏洞 — JD Edwards EnterpriseOne Tools 6.1 Medium2022-10-18
CVE-2022-21631 Oracle JD Edwards Products 跨站脚本漏洞 — JD Edwards EnterpriseOne Tools 6.1 Medium2022-10-18
CVE-2022-21634 Oracle Java SE和Oracle GraalVM 安全漏洞 — GraalVM Enterprise Edition 7.5 High2022-10-18
CVE-2022-21639 Oracle PeopleSoft Enterprise PeopleTools 跨站脚本漏洞 — PeopleSoft Enterprise PT PeopleTools 6.1 Medium2022-10-18
CVE-2022-3338 XXE in Trellix ePO server — Trellix ePolicy Orchestrator (ePO)CWE-611 5.4 Medium2022-10-18
CVE-2022-3339 Reflected XSS in Trellix ePO server — Trellix ePolicy Orchestrator (ePO)CWE-79 5.4 Medium2022-10-18
CVE-2022-39399 Oracle Java SE和Oracle GraalVM 安全漏洞 — Java SE JDK and JRE 3.7 Low2022-10-18
CVE-2022-39402 Oracle MySQL 安全漏洞 — MySQL Server 4.3 Medium2022-10-18
CVE-2022-39405 Oracle Fusion Middleware 安全漏洞 — Access Manager 5.3 Medium2022-10-18
CVE-2022-39412 Oracle Fusion Middleware 安全漏洞 — Access Manager 7.5 High2022-10-18
CVE-2022-39424 Oracle Virtualization和Oracle VM VirtualBox 安全漏洞 — VM VirtualBox 8.1 High2022-10-18

Vulnerabilities classified as access:pre-auth represent 19401 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.