Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19504

19504 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-35987 Adobe Acrobat Pro DC PDFLibTool Out-of-Bound Read — Acrobat ReaderCWE-125 3.3 Low2021-08-20
CVE-2021-35986 Adobe Acrobat Pro DC getAnnot Type Confusion Information Disclosure Vulnerability — Acrobat ReaderCWE-843 3.3 Low2021-08-20
CVE-2021-35981 Adobe Acrobat Reader DC launchURL Use-After-Free Remote Code Execution Vulnerability — Acrobat ReaderCWE-416 7.8 High2021-08-20
CVE-2021-35985 Adobe Acrobat Pro DC PDFLibTool Null Pointer Dereference Bug — Acrobat ReaderCWE-476 5.5 Medium2021-08-20
CVE-2021-35983 Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability — Acrobat ReaderCWE-416 7.8 High2021-08-20
CVE-2021-28643 Adobe Acrobat Pro DC embedDocAsDataObject Type Confusion Information Disclosure Vulnerability — Acrobat ReaderCWE-843 3.3 Low2021-08-20
CVE-2021-28642 Adobe Acrobat Pro DC Out-of-Bounds Write Arbitrary Code Execution Vulnerability — Acrobat ReaderCWE-787 8.8 High2021-08-20
CVE-2021-28638 Adobe Acrobat Reader DC PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability — Acrobat ReaderCWE-122 7.8 High2021-08-20
CVE-2021-28641 Adobe Acrobat Reader Use-After-Free Arbitrary Code Execution Vulnerability — Acrobat ReaderCWE-416 7.8 High2021-08-20
CVE-2021-28639 Adobe Acrobat Reader DC setAction Use-After-Free Remote Code Execution Vulnerability — Acrobat ReaderCWE-416 7.8 High2021-08-20
CVE-2021-28635 Adobe Acrobat Reader Use-After-Free Vulnerability — Acrobat ReaderCWE-416 7.8 High2021-08-20
CVE-2021-28637 Adobe Acrobat Pro DC PDFLibTool Out-of-Bounds Read Remote Code Execution Vulnerability — Acrobat ReaderCWE-125 7.8 High2021-08-20
CVE-2021-28595 Adobe Dimension Uncontrolled Search Path Element Could Lead To Remote Code Execution — DimensionCWE-427 7.8 High2021-08-20
CVE-2021-28591 Adobe Illustrator PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — IllustratorCWE-787 7.8 High2021-08-20
CVE-2021-28624 Adobe Bridge SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability — BridgeCWE-122 7.8 High2021-08-20
CVE-2021-28589 Adobe Media Encoder TS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — Media EncoderCWE-125 3.3 Low2021-08-20
CVE-2021-28592 Adobe Illustrator JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — IllustratorCWE-787 7.8 High2021-08-20
CVE-2021-28593 Adobe Illustrator PostScript Parsing Use-After-Free Information Disclosure Vulnerability — IllustratorCWE-416 3.3 Low2021-08-20
CVE-2021-28590 Adobe Media Encoder VOB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — Media EncoderCWE-125 3.3 Low2021-08-20
CVE-2021-31338 SINEMA Remote Connect Server 安全漏洞 — SINEMA Remote Connect ClientCWE-15 7.8 -2021-08-19
CVE-2021-32602 Fortinet FortiPortal 跨站脚本漏洞 — Fortinet FortiPortal 5.8 Medium2021-08-18
CVE-2021-32588 Fortinet FortiPortal 信任管理问题漏洞 — Fortinet FortiPortal 9.8 Critical2021-08-18
CVE-2021-34749 Multiple Cisco Products Server Name Identification Data Exfiltration Vulnerability — Cisco Web Security Appliance (WSA)CWE-200 5.8 Medium2021-08-18
CVE-2021-34734 Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Double-Free Denial of Service Vulnerability — Cisco Video Surveillance 7000 Series IP CamerasCWE-415 6.5 Medium2021-08-18
CVE-2021-34730 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerability — Cisco Small Business RV Series Router FirmwareCWE-121 9.8 Critical2021-08-18
CVE-2021-3458 Motorola MM1000 授权问题漏洞 — MM1000 MoCA AdapterCWE-287 6.1 Medium2021-08-17
CVE-2021-38755 Hospital Management System 安全漏洞 — n/a 5.3 -2021-08-16
CVE-2021-35393 Realtek Jungle SDK 缓冲区错误漏洞 — n/a 9.1 -2021-08-16
CVE-2021-35394 Realtek Jungle SDK 安全漏洞 — n/a 9.8 -2021-08-16
CVE-2021-3708 D-Link DSL-2750U 操作系统命令注入漏洞 — DSL-2750UCWE-78 7.8 -2021-08-16

Vulnerabilities classified as access:pre-auth represent 19504 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.