Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19534

19534 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2022-2379 Easy Student Results <= 2.2.8 - Sensitive Information Disclosure via REST API — Easy Student ResultsCWE-862 7.5 -2022-08-15
CVE-2022-2180 GREYD.SUITE < 1.2.7 - Unauthenticated File Upload to RCE — greyd_suiteCWE-434 9.8 -2022-08-15
CVE-2021-29117 arcreader use-after-free — ArcReaderCWE-416 7.8 -2022-08-12
CVE-2021-29112 Esri ArcReader PMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — ArcReaderCWE-125 5.5 -2022-08-12
CVE-2021-29118 Esri ArcReader PMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — ArcReaderCWE-125 5.5 -2022-08-12
CVE-2022-37397 The software is vulnerable when using LDAP-based authentication in YCQL with Microsoft’s Active Directory — Yugabyte DBCWE-287 8.3 High2022-08-12
CVE-2021-22289 RCE through Project Upload from Target — Automation StudioCWE-20 8.3 High2022-08-11
CVE-2022-33927 Dell Wyse Management Suite 授权问题漏洞 — Wyse Management SuiteCWE-384 5.4 Medium2022-08-10
CVE-2022-20866 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-203 7.4 High2022-08-10
CVE-2022-20713 Cisco Adaptive Security Appliances Software 跨站脚本漏洞 — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-444 4.3 Medium2022-08-10
CVE-2022-38130 Keysight Technologies Sensor Management Server SQL注入漏洞 — Keysight Technologies Sensor Management Server 9.8 -2022-08-10
CVE-2022-38129 Keysight Technologies Sensor Management Server 路径遍历漏洞 — Keysight Technologies Sensor Management Server 9.1 -2022-08-10
CVE-2022-36923 多款ZOHO ManageEngine产品安全漏洞 — n/a 7.5 -2022-08-10
CVE-2022-36324 多款Siemens SCALANCE产品安全漏洞 — RUGGEDCOM RM1224 LTE(4G) EUCWE-770 7.5 High2022-08-10
CVE-2021-46304 Siemens SICAM A8000 CP-8000 安全漏洞 — CP-8000 MASTER MODULE WITH I/O -25/+70°CCWE-284 7.5 -2022-08-10
CVE-2022-20827 Cisco Small Business RV Series Routers Vulnerabilities — Cisco Small Business RV Series Router FirmwareCWE-120 9.0 Critical2022-08-10
CVE-2022-20869 Cisco BroadWorks Application Delivery Platform Software Cross-Site Scripting Vulnerability — Cisco BroadWorksCWE-79 6.1 Medium2022-08-10
CVE-2022-20842 Cisco Small Business RV Series Routers Vulnerabilities — Cisco Small Business RV Series Router FirmwareCWE-120 9.0 Critical2022-08-10
CVE-2022-20841 Cisco Small Business RV Series Routers Vulnerabilities — Cisco Small Business RV Series Router FirmwareCWE-120 9.0 Critical2022-08-10
CVE-2022-31675 VMware vRealize Operations 安全漏洞 — VMware vRealize Operations 7.5 -2022-08-09
CVE-2022-23238 Netapp StorageGRID 安全漏洞 — StorageGRID (formerly StorageGRID Webscale) 6.5 -2022-08-09
CVE-2022-29083 Dell BIOS 授权问题漏洞 — CPG BIOSCWE-287 6.8 Medium2022-08-09
CVE-2022-32245 SAP BusinessObjects Business Intelligence Platform 安全漏洞 — SAP BusinessObjects Business Intelligence Platform (Open Document)CWE-319 8.2 -2022-08-09
CVE-2022-35293 SAP Enable Now Manager 安全漏洞 — SAP Enable Now ManagerCWE-862 9.1 -2022-08-09
CVE-2022-32429 MSNSwitch 授权问题漏洞 — n/a 9.8 -2022-08-09
CVE-2022-36264 Airspan AirSpot 5410 代码问题漏洞 — n/a 9.1 -2022-08-08
CVE-2022-36267 Airspan AirSpot 5410 安全漏洞 — n/a 9.8 -2022-08-08
CVE-2022-35487 Zammad 安全漏洞 — n/a 7.5 -2022-08-08
CVE-2022-2460 WPDating < 7.4.0 - Multiple Unauthenticated SQLi — WPDating 9.8 -2022-08-08
CVE-2022-2675 Unitree Go 1 "Robot Dog" Unauthenticated Remote Power Down — Go 1CWE-285 6.5 -2022-08-05

Vulnerabilities classified as access:pre-auth represent 19534 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.