Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19524

19524 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-35996 Adobe After Effects Memory Corruption Could Lead To Arbitrary Code Execution — After EffectsCWE-788 7.8 High2021-09-02
CVE-2021-35994 Adobe After Effects JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — After EffectsCWE-787 7.8 High2021-09-02
CVE-2021-35995 Adobe After Effects MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability — After EffectsCWE-20 3.3 Low2021-09-02
CVE-2021-35993 Adobe After Effects PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — After EffectsCWE-787 7.8 High2021-09-02
CVE-2021-36019 Adobe After Effects PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — After EffectsCWE-125 3.3 Low2021-09-02
CVE-2021-36018 Adobe After Effects PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — After EffectsCWE-125 3.3 Low2021-09-02
CVE-2021-38314 Gutenberg Template Library & Redux Framework <= 4.2.11 Sensitive Information Disclosure — Gutenberg Template Library & Redux FrameworkCWE-200 5.3 Medium2021-09-02
CVE-2021-28564 Adobe Acrobat Reader out-of-bounds write vulnerability could lead to arbitrary code execution — Acrobat ReaderCWE-787 8.8 High2021-09-02
CVE-2021-28561 Adobe Acrobat Reader memory corruption vulnerability could lead to remote code execution — Acrobat ReaderCWE-787 8.8 High2021-09-02
CVE-2021-28559 Adobe Acrobat Reader privacy violation vulnerability could lead to privilege escalation — Acrobat ReaderCWE-359 5.3 Medium2021-09-02
CVE-2021-28565 Adobe Acrobat Reader out-of-bounds read could lead to information exposure — Acrobat ReaderCWE-125 4.3 Medium2021-09-02
CVE-2021-28560 Adobe Acrobat Reader heap corruption vulnerability could lead to arbitrary code execution — Acrobat ReaderCWE-122 8.8 High2021-09-02
CVE-2021-28557 Adobe Acrobat Reader out-of-bounds read in PDFLibTool could lead to information exposure — Acrobat ReaderCWE-125 4.3 Medium2021-09-02
CVE-2021-28553 Adobe Acrobat Reader use-after-free vulnerability could lead to arbitrary code execution — Acrobat ReaderCWE-416 8.8 -2021-09-02
CVE-2021-28550 Adobe Acrobat Reader use after free vulnerability could lead to arbitrary code execution — Acrobat ReaderCWE-416 8.8 -2021-09-02
CVE-2021-28555 Adobe Acrobat Reader out-of-bounds Read could lead to information disclosure — Acrobat ReaderCWE-125 4.3 -2021-09-02
CVE-2021-28558 Adobe Acrobat Reader heap-based buffer overflow could lead to arbitrary code execution — Acrobat ReaderCWE-122 8.8 -2021-09-02
CVE-2021-21086 Adobe Reader CoolType Arbitrary Stack Manipulation — Acrobat ReaderCWE-787 7.8 High2021-09-02
CVE-2021-34746 Cisco Enterprise NFV Infrastructure Software Authentication Bypass Vulnerability — Cisco Enterprise NFV Infrastructure SoftwareCWE-289 9.8 Critical2021-09-02
CVE-2021-34732 Cisco Prime Collaboration Provisioning Cross-Site Scripting Vulnerability — Cisco Prime Collaboration ProvisioningCWE-79 6.1 Medium2021-09-02
CVE-2021-36061 Adobe Connect Violation of Secure Design Principles Vulnerability Can Lead To Editing Or Deleting Recordings — ConnectCWE-657 5.4 Medium2021-09-01
CVE-2021-36044 Magento Commerce GraphQL Improper Input Validation Could Lead To Denial Of Service — Magento CommerceCWE-20 7.5 High2021-09-01
CVE-2021-36030 Magento Commerce Improper Input Validation During Checkout Process Could Lead To Privilege Escalation — Magento CommerceCWE-20 7.5 High2021-09-01
CVE-2021-36020 Magento Commerce XML Injection Vulnerability In The 'City' Field Could Lead To Remote Code Execution — Magento CommerceCWE-91 8.2 High2021-09-01
CVE-2021-37415 ZOHO ManageEngine ServiceDesk Plus 访问控制错误漏洞 — n/a 9.1 -2021-09-01
CVE-2021-22002 Vmware vRealize Automation 授权问题漏洞 — VMware Workspace ONE Access, Identity Manager and vRealize Automation 9.8 -2021-08-31
CVE-2021-27668 HashiCorp Vault 访问控制错误漏洞 — n/a 5.3 -2021-08-31
CVE-2021-34581 WAGO: Denial of Service vulnerability inside the OpenSSL implementation — 750-831/xxx-xxx, 750-880/xxx-xxx, 750-881, 750-889CWE-772 7.5 High2021-08-31
CVE-2021-34578 WAGO: Authentication Vulnerability in Web-Based Management — PLCCWE-287 9.8 Critical2021-08-31
CVE-2021-33555 A vulnerability may allow remote attackers to read arbitrary files on the server of the WirelessHART-Gateway — WHA-GW-F2D2-0-AS- Z2-ETHCWE-22 7.5 High2021-08-31

Vulnerabilities classified as access:pre-auth represent 19524 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.