Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19499

19499 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2022-36444 Atos Unify OpenScape 安全漏洞 — n/a 8.6 High2022-07-25
CVE-2022-33901 WordPress MultiSafepay plugin for WooCommerce plugin <= 4.13.1 - Unauthenticated Arbitrary File Read vulnerability — MultiSafepay plugin for WooCommerce (WordPress plugin) 5.3 Medium2022-07-22
CVE-2021-36200 Metasys ADS/ADX/OAS with MUI — Metasys ADS/ADX/OAS serverCWE-306 5.3 Medium2022-07-22
CVE-2022-34487 WordPress Shortcode Addons plugin <= 3.0.2 - Unauthenticated Arbitrary Option Update vulnerability — Shortcode Addons (WordPress plugin)CWE-264 9.8 Critical2022-07-21
CVE-2022-33198 WordPress Accordions plugin <= 2.0.2 - Unauthenticated WordPress Options Change vulnerability — Accordions (WordPress plugin)CWE-264 9.8 Critical2022-07-21
CVE-2022-30628 Supersmart.me – Walk Through access to business information without authentication — Supersmart.me – Walk Through 4.8 Medium2022-07-21
CVE-2022-20916 Cisco IoT Control Center Cross-Site Scripting Vulnerability — Cisco IoT Control CenterCWE-80 6.1 Medium2022-07-21
CVE-2022-20857 Cisco Nexus Dashboard Unauthorized Access Vulnerabilities — Cisco Nexus DashboardCWE-306 9.8 Critical2022-07-21
CVE-2022-20858 Cisco Nexus Dashboard Unauthorized Access Vulnerabilities — Cisco Nexus DashboardCWE-306 9.8 Critical2022-07-21
CVE-2022-20860 Cisco Nexus Dashboard SSL Certificate Validation Vulnerability — Cisco Nexus DashboardCWE-295 7.4 High2022-07-21
CVE-2022-20861 Cisco Nexus Dashboard Unauthorized Access Vulnerabilities — Cisco Nexus DashboardCWE-306 9.8 Critical2022-07-21
CVE-2022-34367 Dell EMC Data Protection Central 跨站请求伪造漏洞 — Data Protection CentralCWE-352 5.4 Medium2022-07-20
CVE-2022-31234 Dell EMC PowerStore 安全漏洞 — PowerStoreCWE-307 8.1 High2022-07-20
CVE-2022-26138 Atlassian Confluence Server 信任管理问题漏洞 — Questions For ConfluenceCWE-798 9.8 -2022-07-20
CVE-2022-26137 Atlassian Crowd和Atlassian Jira 访问控制错误漏洞 — Bamboo ServerCWE-180 8.8 -2022-07-20
CVE-2022-26136 Atlassian Crowd和Atlassian Jira 授权问题漏洞 — Bamboo ServerCWE-180 8.8 -2022-07-20
CVE-2022-33319 Mitsubishi Electric MC Works64 缓冲区错误漏洞 — GENESIS64CWE-125 8.2 High2022-07-20
CVE-2022-33318 Mitsubishi Electric MC Works64 代码问题漏洞 — GENESIS64CWE-502 9.8 Critical2022-07-20
CVE-2022-33320 Mitsubishi Electric MC Works64 代码问题漏洞 — GENESIS64CWE-502 7.8 High2022-07-20
CVE-2022-33315 Mitsubishi Electric MC Works64和ICONICS GENESIS64 代码问题漏洞 — GENESIS64CWE-502 7.8 High2022-07-20
CVE-2022-33317 Mitsubishi Electric MC Works64和ICONICS GENESIS64 安全漏洞 — GENESIS64CWE-829 7.8 High2022-07-20
CVE-2022-33316 Mitsubishi Electric MC Works64 和 ICONICS GENESIS64 代码问题漏洞 — GENESIS64CWE-502 7.8 High2022-07-20
CVE-2022-34049 WAVLINK WN530HG4 安全漏洞 — n/a 5.3 -2022-07-20
CVE-2022-29834 ICONICS GENESIS64 路径遍历漏洞 — GENESIS64CWE-22 7.5 High2022-07-20
CVE-2022-2141 ICSA-22-200-01 MiCODUS MV720 GPS tracker Improper Authentication — MV720CWE-287 9.8 Critical2022-07-20
CVE-2022-22217 Junos OS: QFX10K Series: Denial of Service (DoS) upon receipt of crafted MLD packets on multi-homing ESI in VXLAN — Junos OSCWE-754 6.1 Medium2022-07-20
CVE-2022-22216 Junos OS: PTX Series and QFX10000 Series: 'Etherleak' memory disclosure in Ethernet padding data — Junos OSCWE-200 4.3 Medium2022-07-20
CVE-2022-22213 Junos OS and Junos OS Evolved: Denial of Service (DoS) vulnerability in RPD upon receipt of specific BGP update — Junos OSCWE-232 5.9 Medium2022-07-20
CVE-2022-22212 Junos OS Evolved: A high rate of specific hostbound traffic will cause unexpected hostbound traffic delays or drops — Junos OS EvolvedCWE-770 7.5 High2022-07-20
CVE-2022-22210 Junos OS: QFX5000 Series and MX Series: An l2alm crash leading to an FPC crash can be observed in VxLAN scenario — Junos OSCWE-476 6.5 Medium2022-07-20

Vulnerabilities classified as access:pre-auth represent 19499 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.