Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19392

19392 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-1409 Cisco Unified Communications Products Cross-Site Scripting Vulnerabilities — Cisco Unity ConnectionCWE-89 6.1 Medium2021-04-08
CVE-2021-1408 Cisco Unified Communications Products Cross-Site Scripting Vulnerabilities — Cisco Unity ConnectionCWE-89 6.1 Medium2021-04-08
CVE-2021-1407 Cisco Unified Communications Products Cross-Site Scripting Vulnerabilities — Cisco Unity ConnectionCWE-89 6.1 Medium2021-04-08
CVE-2021-1380 Cisco Unified Communications Products Cross-Site Scripting Vulnerabilities — Cisco Unity ConnectionCWE-89 6.1 Medium2021-04-08
CVE-2021-1309 Cisco Small Business RV Series Routers Link Layer Discovery Protocol Vulnerabilities — Cisco Small Business RV Series Router FirmwareCWE-119 7.4 High2021-04-08
CVE-2021-1308 Cisco Small Business RV Series Routers Link Layer Discovery Protocol Vulnerabilities — Cisco Small Business RV Series Router FirmwareCWE-119 7.4 High2021-04-08
CVE-2021-1251 Cisco Small Business RV Series Routers Link Layer Discovery Protocol Vulnerabilities — Cisco Small Business RV Series Router FirmwareCWE-119 7.4 High2021-04-08
CVE-2021-1137 Cisco SD-WAN vManage Software Vulnerabilities — Cisco SD-WAN SolutionCWE-119 7.8 High2021-04-08
CVE-2021-21425 Unauthenticated Arbitrary YAML Write/Update leads to Code Execution — grav-plugin-adminCWE-284 9.3 Critical2021-04-07
CVE-2021-26709 D-Link DSL-320B-D1 缓冲区错误漏洞 — n/a 9.8 -2021-04-07
CVE-2021-24212 WooCommerce Help Scout < 2.9.1 - Unauthenticated Arbitrary File Upload leading to RCE — WooCommerce Help ScoutCWE-434 9.8 -2021-04-05
CVE-2021-24175 The Plus Addons for Elementor Page Builder < 4.1.7 - Authentication Bypass — The Plus Addons for Elementor Page BuilderCWE-287 9.8 -2021-04-05
CVE-2021-24150 Like Button Rating < 2.6.32 - Unauthenticated Full-Read SSRF — Like Button Rating ♥ LikeBtnCWE-918 7.5 -2021-04-05
CVE-2021-20235 libzmq 缓冲区错误漏洞 — zeromqCWE-120 8.1 -2021-04-01
CVE-2021-28546 Acrobat Reader DC Missing Support for Integrity Check — Acrobat ReaderCWE-353 6.5 Medium2021-04-01
CVE-2021-28545 Acrobat Reader DC Missing Support for Integrity Check — Acrobat ReaderCWE-353 8.1 High2021-04-01
CVE-2021-28918 Npm netmask 代码问题漏洞 — n/a 9.1 -2021-04-01
CVE-2021-22986 F5 BIG-IP 代码问题漏洞 — BIG-IP; BIG-IQ 9.8 -2021-03-31
CVE-2020-28172 Sourcecodester Simple College Website SQL注入漏洞 — n/a 9.8 -2021-03-31
CVE-2020-19640 INSMA Wifi Mini Spy 1080P HD Security IP Camera 安全漏洞 — n/a 7.5 -2021-03-30
CVE-2020-35518 Red Hat Directory Server 信息泄露漏洞 — 389-ds-baseCWE-200 5.3 -2021-03-26
CVE-2021-3275 TP-Link多款产品 跨站脚本漏洞 — n/a 6.1 -2021-03-26
CVE-2021-23890 McAfee ePO Information Leak vulnerability — McAfee ePolicy Orchestrator (ePO)CWE-200 6.5 Medium2021-03-26
CVE-2021-29098 ArcGIS general raster security update: uninitialized pointer — ArcReaderCWE-824 7.8 -2021-03-25
CVE-2021-29097 ArcGIS general raster security update: buffer overflow — ArcReaderCWE-122 7.8 -2021-03-25
CVE-2021-29096 ArcGIS general raster security update: use-after-free — ArcReaderCWE-416 7.8 -2021-03-25
CVE-2021-27194 Netop Vision 安全漏洞 — n/a 7.5 -2021-03-25
CVE-2021-27193 Netop Vision 访问控制错误漏洞 — n/a 9.8 -2021-03-25
CVE-2021-22659 Rockwell Automation MicroLogix 1400 安全漏洞 — Rockwell Automation MicroLogix 1400CWE-120 9.8 -2021-03-25
CVE-2021-29156 Forgerock ForgeRock OpenAM 注入漏洞 — n/a 7.5 -2021-03-25

Vulnerabilities classified as access:pre-auth represent 19392 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.