
access:pre-auth — CVE vulnerabilities tagged (19518)

19518 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2022-20622 | Cisco Embedded Wireless Controller with Catalyst Access Points IP Flood Denial of Service Vulnerability — Cisco Aironet Access Point Software | CWE-770 | 8.6 | High | 2022-04-15 |
| CVE-2022-20678 | Cisco IOS XE Software AppNav-XE Denial of Service Vulnerability — Cisco IOS XE Software | CWE-413 | 8.6 | High | 2022-04-15 |
| CVE-2022-20679 | Cisco IOS XE Software IPSec Denial of Service Vulnerability — Cisco IOS XE Software | CWE-20 | 6.8 | Medium | 2022-04-15 |
| CVE-2022-20682 | Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability — Cisco IOS XE Software | CWE-690 | 8.6 | High | 2022-04-15 |
| CVE-2022-20683 | Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers Application Visibility and Control Denial of Service Vulnerability — Cisco IOS XE Software | CWE-124 | 8.6 | High | 2022-04-15 |
| CVE-2022-20684 | Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability — Cisco IOS XE Software | CWE-190 | 7.4 | High | 2022-04-15 |
| CVE-2022-20694 | Cisco IOS XE Software Border Gateway Protocol Resource Public Key Infrastructure Denial of Service Vulnerability — Cisco IOS XE Software | CWE-617 | 6.8 | Medium | 2022-04-15 |
| CVE-2022-20695 | Cisco Wireless LAN Controller Management Interface Authentication Bypass Vulnerability — Cisco Wireless LAN Controller (WLC) | CWE-303 | 10.0 | Critical | 2022-04-15 |
| CVE-2022-20714 | Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability — Cisco IOS XR Software | CWE-126 | 8.6 | High | 2022-04-15 |
| CVE-2022-28345 | Signal iOS Client injection vulnerability — n/a | | 6.5 | - | 2022-04-15 |
| CVE-2020-25162 | B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus — SpaceCom | CWE-643 | 7.5 | High | 2022-04-14 |
| CVE-2022-22198 | Junos OS: MX MS-MPC or MS-MIC, or SRX SPC crashes if it receives a SIP message with a specific contact header format — Junos OS | CWE-824 | 7.5 | High | 2022-04-14 |
| CVE-2022-22197 | Junos OS and Junos OS Evolved: An rpd core will be observed with proxy BGP route-target filtering enabled and certain route add and delete event happening — Junos OS | CWE-672 | 7.5 | High | 2022-04-14 |
| CVE-2022-22196 | Junos OS and Junos OS Evolved: The rpd CPU spikes to 100% after a malformed ISIS TLV has been received — Junos OS | CWE-754 | 6.5 | Medium | 2022-04-14 |
| CVE-2022-22195 | Junos OS Evolved: Specific packets reaching the RE lead to a counter overflow and eventually a crash — Junos OS Evolved | CWE-911 | 7.5 | High | 2022-04-14 |
| CVE-2022-22194 | Junos OS Evolved: PTX series: An attacker sending a crafted GRE packet will cause the PFE to restart — Junos OS Evolved | CWE-754 | 7.5 | High | 2022-04-14 |
| CVE-2022-22191 | Junos OS: EX4300: PFE Denial of Service (DoS) upon receipt of a flood of specific ARP traffic — Junos OS | CWE-410 | 6.5 | Medium | 2022-04-14 |
| CVE-2022-22190 | Paragon Active Assurance Control Center: Information disclosure vulnerability in crafted URL — Paragon Active Assurance | CWE-284 | 7.4 | High | 2022-04-14 |
| CVE-2022-22189 | Contrail Service Orchestration: An authenticated local user may have their permissions elevated via the device via management interface without authentication — Contrail Service Orchestration | CWE-288 | 7.3 | High | 2022-04-14 |
| CVE-2022-22188 | Junos OS: QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series: When storm control profiling is enabled and a device is under an active storm, a Heap-based Buffer Overflow in the PFE will cause a device to hang. — Junos OS | CWE-789 | 7.5 | High | 2022-04-14 |
| CVE-2022-22185 | Junos OS: SRX Series: Denial of service vulnerability in flowd daemon upon receipt of a specific fragmented packet — Junos OS | CWE-754 | 7.5 | High | 2022-04-14 |
| CVE-2022-22183 | Junos OS Evolved: A remote attacker may cause a CPU Denial of Service by sending genuine traffic to a device on a specific IPv4 port. — Junos OS Evolved | | 7.5 | High | 2022-04-14 |
| CVE-2021-43287 | ThoughtWorks GoCD information disclosure vulnerability — n/a | | 7.5 | - | 2022-04-14 |
| CVE-2022-22562 | Dell Technologies Dell PowerScale OneFS security vulnerability — PowerScale OneFS | CWE-229 | 7.5 | High | 2022-04-12 |
| CVE-2022-22561 | Dell Technologies Dell PowerScale OneFS security vulnerability — PowerScale OneFS | CWE-307 | 8.1 | High | 2022-04-12 |
| CVE-2022-22549 | Dell Technologies Dell PowerScale OneFS trust management issue vulnerability — PowerScale OneFS | CWE-295 | 7.5 | High | 2022-04-12 |
| CVE-2022-28215 | SAP NetWeaver ABAP Server input validation error vulnerability — SAP NetWeaver ABAP Server and ABAP Platform | CWE-601 | 4.7 | - | 2022-04-12 |
| CVE-2022-27669 | SAP NetWeaver Application Server security vulnerability — SAP NetWeaver Application Server for Java | CWE-862 | 9.8 | - | 2022-04-12 |
| CVE-2022-28216 | SAP BusinessObjects Business Intelligence Platform cross-site scripting vulnerability — SAP BusinessObjects Business Intelligence Platform (BI Workspace) | CWE-79 | 6.1 | - | 2022-04-12 |
| CVE-2022-28770 | SAPUI5 library cross-site scripting vulnerability — SAPUI5 (vbm library) | CWE-79 | 6.1 | - | 2022-04-12 |

Vulnerabilities classified as access:pre-auth represent 19518 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.