Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19534

19534 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2022-22237 Junos OS: Peers not configured for TCP-AO can establish a BGP or LDP session even if authentication is configured locally — Junos OSCWE-287 6.5 Medium2022-10-18
CVE-2022-22236 Junos OS: SRX Series and MX Series: When specific valid SIP packets are received the PFE will crash — Junos OSCWE-824 7.5 High2022-10-18
CVE-2022-22235 Junos OS: SRX Series: A flowd core will be observed when malformed GPRS traffic is processed — Junos OSCWE-754 5.9 Medium2022-10-18
CVE-2022-22232 SRX Series: If Unified Threat Management (UTM) Enhanced Content Filtering (CF) is enabled and specific traffic is processed the PFE will crash — Junos OSCWE-476 7.5 High2022-10-18
CVE-2022-22231 SRX Series: If UTM Enhanced Content Filtering and AntiVirus are enabled, and specific traffic is processed the PFE will crash — Junos OSCWE-690 7.5 High2022-10-18
CVE-2022-22230 Junos OS and Junos OS Evolved: RPD crash upon receipt of specific OSPFv3 LSAs — Junos OSCWE-20 6.5 Medium2022-10-18
CVE-2022-22227 Junos OS Evolved: ACX7000 Series: Specific IPv6 transit traffic gets exceptioned to the routing-engine which causes increased CPU utilization — Junos OS EvolvedCWE-754 5.3 Medium2022-10-18
CVE-2022-22226 Junos OS: EX4300-MP, EX4600, QFX5000 Series: In VxLAN scenarios specific packets processed cause a memory leak leading to a PFE crash — Junos OSCWE-789 6.5 Medium2022-10-18
CVE-2022-22225 Junos OS and Junos OS Evolved: In a BGP multipath scenario, when one of the contributing routes is flapping often and rapidly, rpd may crash — Junos OS 5.9 Medium2022-10-18
CVE-2022-22224 Junos OS and Junos OS Evolved: PPMD goes into infinite loop upon receipt of malformed OSPF TLV — Junos OSCWE-703 6.5 Medium2022-10-18
CVE-2022-22220 Junos OS and Junos OS Evolved: Due to a race condition the rpd process can crash upon receipt of a BGP update message containing flow spec route — Junos OSCWE-367 5.9 Medium2022-10-18
CVE-2022-22218 Junos OS: SRX Series: Upon processing of a genuine packet the pkid process will crash during CMPv2 auto-re-enrollment — Junos OS 7.5 High2022-10-18
CVE-2022-22208 Junos OS and Junos OS Evolved: An rpd crash can occur due to memory corruption caused by flapping BGP sessions — Junos OSCWE-416 5.9 Medium2022-10-18
CVE-2022-22201 SRX5000 Series with SPC3, SRX4000 Series, and vSRX: When PowerMode IPsec is configured, the PFE will crash upon receipt of a malformed ESP packet — Junos OSCWE-1285 7.5 High2022-10-18
CVE-2022-22192 Junos OS Evolved: PTX Series: An attacker can cause a kernel panic by sending a malformed TCP packet to the device — Junos OS Evolved 7.5 High2022-10-18
CVE-2022-21587 Oracle E-Business Suite 访问控制错误漏洞 — Web Applications Desktop Integrator 9.8 Critical2022-10-18
CVE-2022-21593 Oracle HTTP Server 安全漏洞 — HTTP Server 7.1 High2022-10-18
CVE-2022-21597 Oracle GraalVM 安全漏洞 — GraalVM Enterprise Edition 5.3 Medium2022-10-18
CVE-2022-21598 Oracle Siebel CRM 安全漏洞 — Siebel Core - DB Deployment and Configuration 7.5 High2022-10-18
CVE-2022-21601 Oracle Communications Billing and Revenue Management 安全漏洞 — Communications Billing and Revenue Management 6.5 Medium2022-10-18
CVE-2022-21602 Oracle PeopleSoft Enterprise PeopleTools 安全漏洞 — PeopleSoft Enterprise PT PeopleTools 5.3 Medium2022-10-18
CVE-2022-21606 Oracle Database Server 跨站脚本漏洞 — Services for Microsoft Transaction Server 6.1 Medium2022-10-18
CVE-2022-21613 Oracle Fusion Middleware 安全漏洞 — Enterprise Data Quality 8.8 High2022-10-18
CVE-2022-21614 Oracle Fusion Middleware 安全漏洞 — Enterprise Data Quality 7.5 High2022-10-18
CVE-2022-21615 Oracle Fusion Middleware 安全漏洞 — Enterprise Data Quality 7.4 High2022-10-18
CVE-2022-21618 Oracle Java SE和Oracle GraalVM 安全漏洞 — Java SE JDK and JRE 5.3 Medium2022-10-18
CVE-2022-21619 Oracle Java SE 安全漏洞 — Java SE JDK and JRE 3.7 Low2022-10-18
CVE-2022-21622 Oracle Fusion Middleware 安全漏洞 — SOA Suite 7.5 High2022-10-18
CVE-2022-21623 Oracle Enterprise Manager Base Platform 安全漏洞 — Enterprise Manager Base Platform 7.5 High2022-10-18
CVE-2022-21624 Oracle Java SE和Oracle GraalVM 安全漏洞 — Java SE JDK and JRE 3.7 Low2022-10-18

Vulnerabilities classified as access:pre-auth represent 19534 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.