Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19401

19401 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-1445 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services VPN Denial of Service Vulnerabilities — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-787 8.6 High2021-04-29
CVE-2021-1402 Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability — Cisco Firepower Threat Defense SoftwareCWE-119 8.6 -2021-04-29
CVE-2020-22002 INIM ELECTRONICS SmartLiving System 代码问题漏洞 — n/a 7.5 -2021-04-29
CVE-2020-21997 Smartwares Home Easy 访问控制错误漏洞 — n/a 7.5 -2021-04-29
CVE-2020-21990 Emmanuel MyDomoAtHome 安全漏洞 — n/a 7.5 -2021-04-29
CVE-2021-20090 Buffalo WSR-2533DHPL2 路径遍历漏洞 — Buffalo WSR-2533DHPL2, Buffalo WSR-2533DHP3 9.8 -2021-04-29
CVE-2020-7038 Avaya Meetings Server Information Disclosure vulnerability — Avaya Meetings ManagementCWE-284 7.5 High2021-04-28
CVE-2020-22789 safe FME Server 跨站脚本漏洞 — n/a 6.1 -2021-04-28
CVE-2020-21996 AVE DOMINAplus 访问控制错误漏洞 — n/a 7.5 -2021-04-28
CVE-2020-21994 AVE DOMINAplus 安全漏洞 — n/a 9.8 -2021-04-28
CVE-2020-21991 AVE DOMINAplus 授权问题漏洞 — n/a 9.8 -2021-04-28
CVE-2021-22330 Huawei P30 缓冲区错误漏洞 — HUAWEI P30 6.5 -2021-04-28
CVE-2021-3512 Buffalo broadband routers 安全漏洞 — Buffalo broadband routers 8.8 -2021-04-28
CVE-2021-3511 Buffalo broadband routers 安全漏洞 — Buffalo broadband routers 7.1 -2021-04-28
CVE-2021-29442 Authentication bypass — nacosCWE-306 8.6 High2021-04-27
CVE-2021-29200 RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI — Apache OFBiz 9.8 -2021-04-27
CVE-2021-30642 Symantec Security Analytics Web UI 操作系统命令注入漏洞 — Symantec Security Analytics 9.8 -2021-04-27
CVE-2020-17517 Ozone S3 Gateway allows bucket and key access to non authenticated users — Apache OzoneCWE-285 7.5 -2021-04-27
CVE-2021-3494 Foreman 安全漏洞 — foremanCWE-319 5.9 -2021-04-26
CVE-2021-28399 Orangehrm 安全漏洞 — n/a 5.3 -2021-04-26
CVE-2021-31802 NETGEAR R7000 缓冲区错误漏洞 — n/a 8.8 -2021-04-26
CVE-2021-25899 Void Aural Rec Monitor SQL注入漏洞 — n/a 9.1 -2021-04-23
CVE-2021-22893 Pulse Secure Pulse Connect Secure 资源管理错误漏洞 — Pulse Connect SecureCWE-287 10.0 -2021-04-23
CVE-2021-2317 Oracle Cloud Infrastructure Storage Gateway 安全漏洞 — Cloud Infrastructure 10.0 Critical2021-04-22
CVE-2021-2307 Oracle MySQL 输入验证错误漏洞 — MySQL Server 6.1 Medium2021-04-22
CVE-2021-2315 Oracle Fusion Middleware 输入验证错误漏洞 — HTTP Server 5.4 Medium2021-04-22
CVE-2021-2302 Oracle Fusion Middleware 输入验证错误漏洞 — Platform Security for Java 9.8 Critical2021-04-22
CVE-2021-2294 Oracle WebLogic Server 输入验证错误漏洞 — WebLogic Server 6.5 Medium2021-04-22
CVE-2021-2280 Oracle VM VirtualBox 输入验证错误漏洞 — VM VirtualBox 7.1 High2021-04-22
CVE-2021-2281 Oracle VM VirtualBox 输入验证错误漏洞 — VM VirtualBox 7.1 High2021-04-22

Vulnerabilities classified as access:pre-auth represent 19401 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.