Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19402

19402 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-1490 Cisco Web Security Appliance Cross-Site Scripting Vulnerability — Cisco Web Security Appliance (WSA)CWE-79 4.7 Medium2021-05-06
CVE-2021-1486 Cisco SD-WAN vManage HTTP Authentication User Enumeration Vulnerability — Cisco SD-WAN vManageCWE-203 5.3 Medium2021-05-06
CVE-2021-1468 Cisco SD-WAN vManage Software Vulnerabilities — Cisco SD-WAN vManageCWE-20 9.8 Critical2021-05-06
CVE-2021-21505 Microsoft Azure和Microsoft Azure Stack 安全漏洞 — Dell EMC Integrated System for Microsoft Azure Stack HubCWE-255 8.0 High2021-05-06
CVE-2020-28026 Exim 安全漏洞 — n/a 9.8 -2021-05-06
CVE-2020-28024 Exim 缓冲区错误漏洞 — n/a 9.8 -2021-05-06
CVE-2020-28023 Exim 缓冲区错误漏洞 — n/a 7.5 -2021-05-06
CVE-2020-28020 Exim 输入验证错误漏洞 — n/a 9.8 -2021-05-06
CVE-2021-24236 Imagements <= 1.2.5 - Unauthenticated Arbitrary File Upload to RCE — ImagementsCWE-434 9.8 -2021-05-05
CVE-2021-29490 Unauthenticated GET requests through Remote Image endpoints — jellyfinCWE-918 5.8 Medium2021-05-05
CVE-2021-29101 ArcGIS GeoEvent Server has a Directory Traversal security vulnerability. — ArcGIS GeoEvent ServerCWE-23 7.5 -2021-05-05
CVE-2021-3154 SolarWinds Serv-U 注入漏洞 — n/a 7.5 -2021-05-04
CVE-2020-35758 Libre Wireless LS9 授权问题漏洞 — n/a 9.1 -2021-05-03
CVE-2020-35757 Libre Wireless 访问控制错误漏洞 — n/a 9.8 -2021-05-03
CVE-2020-35756 Libre Wireless 访问控制错误漏洞 — n/a 7.5 -2021-05-03
CVE-2021-21507 Dell EMC Networking X-Series 加密问题漏洞 — VRTX Switch ModulesCWE-261 8.8 High2021-04-30
CVE-2021-21541 Dell EMC iDRAC9 跨站脚本漏洞 — Integrated Dell Remote Access Controller (iDRAC)CWE-79 6.1 Medium2021-04-30
CVE-2021-21536 Dell Hybrid Client 信息泄露漏洞 — Dell Hybrid Client (DHC)CWE-200 6.2 Medium2021-04-30
CVE-2021-21537 Dell Hybrid Client 信息泄露漏洞 — Dell Hybrid Client (DHC)CWE-200 6.2 Medium2021-04-30
CVE-2021-21535 Dell Hybrid Client 访问控制错误漏洞 — Dell Hybrid Client (DHC)CWE-306 7.4 High2021-04-30
CVE-2021-21534 Dell Hybrid Client 信息泄露漏洞 — Dell Hybrid Client (DHC)CWE-200 4.0 Medium2021-04-30
CVE-2020-15153 Unauthenticated SQL injection in Ampache — ampacheCWE-89 8.2 High2021-04-30
CVE-2021-28959 Zoho ManageEngine Eventlog Analyzer 路径遍历漏洞 — n/a 9.8 -2021-04-30
CVE-2020-24918 Ambarella Oryx RTSP Server 缓冲区错误漏洞 — n/a 9.8 -2021-04-30
CVE-2021-1504 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services VPN Denial of Service Vulnerabilities — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-787 8.6 High2021-04-29
CVE-2021-1501 Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software SIP Denial of Service Vulnerability — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-613 8.6 High2021-04-29
CVE-2021-1495 Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability — Cisco Firepower Threat Defense Software 5.8 Medium2021-04-29
CVE-2021-1458 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities — Cisco Firepower Management CenterCWE-79 4.8 Medium2021-04-29
CVE-2021-1457 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities — Cisco Firepower Management CenterCWE-79 4.8 Medium2021-04-29
CVE-2021-1456 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities — Cisco Firepower Management CenterCWE-79 4.8 Medium2021-04-29

Vulnerabilities classified as access:pre-auth represent 19402 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.