Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19392

19392 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-21091 Adobe Bridge HEIC File Parsing Out-Of-Bounds Read vulnerability could lead to information disclosure — BridgeCWE-125 3.3 -2021-04-15
CVE-2021-28549 Adobe Photoshop parsing JS buffer overflow vulnerability could lead to arbitrary code execution — PhotoshopCWE-120 7.8 -2021-04-15
CVE-2021-21095 Adobe Bridge TTF Font Parsing Out-Of-Bounds Write vulnerability could lead to arbitrary code execution — BridgeCWE-787 7.8 -2021-04-15
CVE-2021-21093 Adobe Bridge SGI File Parsing Memory Corruption vulnerability could lead to arbitrary code execution — BridgeCWE-788 7.8 -2021-04-15
CVE-2021-21100 Adobe Digital Editions Arbitrary file system write vulnerability — Digital EditionsCWE-379 7.8 High2021-04-15
CVE-2021-21094 Adobe Bridge PDF File Parsing Out-Of-Bounds Write vulnerability could lead to arbitrary code execution — BridgeCWE-787 7.8 -2021-04-15
CVE-2020-28593 amazon COSORI Smart 安全漏洞 — CosoriCWE-912 8.1 -2021-04-15
CVE-2020-27239 OpenClinic GA SQL注入漏洞 — OpenClinicCWE-89 9.8 -2021-04-15
CVE-2020-27238 OpenClinic GA SQL注入漏洞 — OpenClinicCWE-89 9.8 -2021-04-15
CVE-2020-27237 OpenClinic GA SQL注入漏洞 — OpenClinicCWE-89 9.8 -2021-04-15
CVE-2021-27850 Bypass of the fix for CVE-2019-0195 — Apache TapestryCWE-200 9.8 -2021-04-15
CVE-2021-23277 Improper Neutralization of Directives in Dynamically Evaluated Code — Intelligent Power manager (IPM)CWE-95 8.3 High2021-04-13
CVE-2021-23281 Remote Code execution — Intelligent Power manager (IPM)CWE-94 10.0 Critical2021-04-13
CVE-2021-23279 Arbitrary File delete — Intelligent Power manager (IPM)CWE-20 8.0 High2021-04-13
CVE-2021-21399 Unauthenticated SubSonic backend access in Ampache — ampacheCWE-284 9.1 Critical2021-04-13
CVE-2021-21524 Dell EMC Storage Resource Manager 代码问题漏洞 — Dell EMC Storage Monitoring and ReportingCWE-502 9.8 -2021-04-12
CVE-2019-15059 Liberty lisPBX 安全漏洞 — n/a 7.5 -2021-04-12
CVE-2021-24222 WP-Curricul Vitea Free <= 6.3 - Unauthenticated Arbitrary File Upload to RCE — WP-Curriculo Vitae FreeCWE-434 9.8 -2021-04-12
CVE-2021-24221 Quiz And Survey Master < 7.1.12 - Authenticated SQL injection via shortcode — Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPressCWE-89 8.8 -2021-04-12
CVE-2021-20020 SonicWall Global Management System 授权问题漏洞 — Global Management System (GMS)CWE-287 9.8 -2021-04-10
CVE-2021-20080 ZOHO ManageEngine ServiceDesk Plus 跨站脚本漏洞 — ManageEngine ServiceDesk Plus 6.1 -2021-04-09
CVE-2021-25326 创维数字 SKYWORTH Digital Technology RN510 跨站请求伪造漏洞 — n/a 5.4 -2021-04-09
CVE-2021-1404 Clam AntiVirus (ClamAV) Email Parser Denial of Service Vulnerability — ClamAVCWE-20 7.5 High2021-04-08
CVE-2021-1405 Clam AntiVirus (ClamAV) PDF Parser Denial of Service Vulnerability — ClamAVCWE-120 7.5 High2021-04-08
CVE-2021-1252 Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability — ClamAVCWE-20 7.5 High2021-04-08
CVE-2021-1480 Cisco SD-WAN vManage Software Vulnerabilities — Cisco SD-WAN SolutionCWE-119 7.8 High2021-04-08
CVE-2021-1479 Cisco SD-WAN vManage Software Vulnerabilities — Cisco SD-WAN SolutionCWE-119 7.8 High2021-04-08
CVE-2021-1463 Cisco Unified Intelligence Center Reflected Cross-Site Scripting Vulnerability — Cisco Unified Contact Center ExpressCWE-79 6.1 Medium2021-04-08
CVE-2021-1459 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability — Cisco Small Business RV Series Router FirmwareCWE-119 9.8 Critical2021-04-08
CVE-2021-1420 Cisco Webex Meetings HTML Injection Vulnerability — Cisco Webex MeetingsCWE-80 4.7 Medium2021-04-08

Vulnerabilities classified as access:pre-auth represent 19392 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.