Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19534

19534 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-35963 Learningdigital.com, Inc. Orca HCM - Unrestricted Upload of File with Dangerous Type — Orca HCMCWE-434 9.8 Critical2021-07-19
CVE-2019-3752 Dell EMC Avamar Server和EMC Integrated Data Protection Appliance 代码问题漏洞 — AvamarCWE-611 8.2 -2021-07-16
CVE-2021-1422 Cisco Adaptive Security Appliance Software Release 9.16.1 and Cisco Firepower Threat Defense Software Release 7.0.0 IPsec Denial of Service Vulnerability — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-617 7.7 High2021-07-16
CVE-2021-0291 Junos OS and Junos OS Evolved: A vulnerability allows a network based unauthenticated attacker which sends a high rate of specific traffic to cause a partial Denial of Service — Junos OSCWE-497 6.5 Medium2021-07-15
CVE-2021-21587 Dell Wyse Management Suite 信息泄露漏洞 — Wyse Management SuiteCWE-200 5.3 Medium2021-07-15
CVE-2021-34691 IDrive 安全漏洞 — n/a 7.5 -2021-07-15
CVE-2021-34690 IDrive 授权问题漏洞 — n/a 9.8 -2021-07-15
CVE-2019-11098 EDKII MdeModulePkg 输入验证错误漏洞 — Tianocore 6.8 -2021-07-14
CVE-2021-36124 ShareCare SQL注入漏洞 — n/a 9.8 -2021-07-13
CVE-2021-33578 ShareCare SQL注入漏洞 — n/a 9.8 -2021-07-13
CVE-2021-31895 Siemens RUGGEDCOM安全漏洞 — RUGGEDCOM i800CWE-120 8.1 High2021-07-13
CVE-2020-28400 Siemens SCALANCE S602安全漏洞 — Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerCWE-770 7.5 High2021-07-13
CVE-2021-20595 Mitsubishi Electric Air Conditioning Systems 代码问题漏洞 — Air Conditioning System/Centralized Controllers G-50A; GB-50A; GB-24A; AG-150A-A; AG-150A-J; GB-50ADA-A; GB-50ADA-J; EB-50GU-A; EB-50GU-J; AE-200A; AE-200E; AE-50A; AE-50E; EW-50A; EW-50E; TE-200A; TE-50A; TW-50A; CMS-RMD-J; Air Conditioning System/Expansion Controllers PAC-YG50ECA; Air Conditioning System/BM adapter BAC-HD150 8.2 -2021-07-13
CVE-2021-24442 Poll, Survey, Questionnaire and Voting system < 1.5.3 - Unauthenticated Blind SQL Injection — Poll, Survey, Questionnaire and Voting systemCWE-89 9.8 -2021-07-12
CVE-2021-36381 Edifecs Transaction Management 注入漏洞 — n/a 5.3 -2021-07-12
CVE-2021-21588 Dell EMC PowerFlex数据伪造问题漏洞 — PowerFlexCWE-345 6.5 Medium2021-07-12
CVE-2021-26088 Fortinet FSSO Collector Agent 授权问题漏洞 — Fortinet FSSO Windows DC Agent, FSSO Windows CA 7.1 High2021-07-12
CVE-2021-26090 Fortinet FortiMail 安全漏洞 — Fortinet FortiMail 5.3 Medium2021-07-12
CVE-2021-29104 There is a stored Cross Site Scripting (XXS) vulnerability in ArcGIS Server Manager version 10.8.1 and below. — ArcGIS ServerCWE-79 6.1 -2021-07-11
CVE-2021-29102 There is a Server-Side Request Forgery (SSRF) vulnerability in Esri ArcGIS Server Manager version 10.8.1 and below. — ArcGIS ServerCWE-918 7.5 -2021-07-11
CVE-2021-29107 There is a stored Cross Site Scripting (XXS) vulnerability in ArcGIS Server Manager version 10.8.1 and below. — ArcGIS ServerCWE-79 6.1 -2021-07-10
CVE-2021-26100 Fortinet FortiMail 数据伪造问题漏洞 — Fortinet FortiMail 5.9 Medium2021-07-09
CVE-2021-24020 Fortinet FortiMail 数据伪造问题漏洞 — Fortinet FortiMail 7.5 High2021-07-09
CVE-2021-33012 Allen Bradley Micrologix 1100 输入验证错误漏洞 — Rockwell Automation MicroLogix 1100CWE-20 8.6 -2021-07-09
CVE-2021-30118 Unauthenticated Remote Code Execution in Kaseya VSA < v9.5.5 — n/a 9.8 Critical2021-07-09
CVE-2021-30116 Unauthenticated credential leak and business logic flaw in Kaseya VSA <= v9.5.6 — n/a 10.0 Critical2021-07-09
CVE-2021-1598 Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities — Cisco Video Surveillance 7000 Series IP CamerasCWE-401 6.5 Medium2021-07-08
CVE-2021-1597 Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities — Cisco Video Surveillance 7000 Series IP CamerasCWE-401 6.5 Medium2021-07-08
CVE-2021-1596 Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities — Cisco Video Surveillance 7000 Series IP CamerasCWE-401 6.5 Medium2021-07-08
CVE-2021-1595 Cisco Video Surveillance 7000 Series IP Cameras Link Layer Discovery Protocol Memory Leak Vulnerabilities — Cisco Video Surveillance 7000 Series IP CamerasCWE-401 6.5 Medium2021-07-08

Vulnerabilities classified as access:pre-auth represent 19534 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.