Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19263

19263 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2020-27270 多款Sooil产品授权问题漏洞 — SOOIL Developments CoLtd DiabecareRS,AnyDana-i,AnyDana-A 6.5 -2021-01-19
CVE-2021-21242 Pre-Auth Unsafe Deserialization on AttachmentUploadServet — onedevCWE-74 10.0 Critical2021-01-15
CVE-2021-21243 Pre-Auth Unsafe Deserialization on KubernetesResource — onedevCWE-74 10.0 Critical2021-01-15
CVE-2021-21244 Pre-Auth SSTI via Bean validation message tampering — onedevCWE-74 10.0 Critical2021-01-15
CVE-2020-24641 HPE Aruba Airwave Glass 代码问题漏洞 — Aruba AirWave Glass Software 7.5 -2021-01-15
CVE-2021-0210 Junos OS: Privilege escalation in J-Web due to arbitrary command and code execution via information disclosure from another users active session — Junos OS 6.8 Medium2021-01-15
CVE-2020-29495 DELL Dell EMC Avamar Server 操作系统命令注入漏洞 — AvamarCWE-22 10.0 Critical2021-01-14
CVE-2020-29493 DELL Dell EMC Avamar Server SQL注入漏洞 — AvamarCWE-89 10.0 Critical2021-01-14
CVE-2020-29015 Fortinet FortiWeb SQL注入漏洞 — Fortinet FortiWeb 9.8 -2021-01-14
CVE-2020-29016 Fortinet FortiWeb 缓冲区错误漏洞 — Fortinet FortiWeb 9.8 -2021-01-14
CVE-2020-29019 Fortinet FortiWeb 缓冲区错误漏洞 — Fortinet FortiWeb 7.5 -2021-01-14
CVE-2020-6776 CSRF in Bosch PRAESIDEO and Bosch PRAESENSA Management Interface — PRAESIDEOCWE-352 8.8 High2021-01-14
CVE-2021-1310 Cisco Webex Meetings Open Redirect Vulnerability — Cisco Webex MeetingsCWE-601 4.7 Medium2021-01-13
CVE-2021-1131 Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Denial of Service Vulnerability — Cisco Video Surveillance 8000 Series IP CamerasCWE-119 6.5 Medium2021-01-13
CVE-2021-1245 Cisco Finesse OpenSocial Gadget Editor Cross-Site Scripting Vulnerability — Cisco Unified Customer Voice Portal (CVP)CWE-79 6.5 Medium2021-01-13
CVE-2021-1246 Cisco Finesse OpenSocial Gadget Editor Unauthenticated Access Vulnerability — Cisco Unified Customer Voice Portal (CVP)CWE-306 6.5 Medium2021-01-13
CVE-2021-1242 Cisco Webex Teams Shared File Manipulation Vulnerability — Cisco Webex TeamsCWE-450 4.3 Medium2021-01-13
CVE-2021-1236 Multiple Cisco Products Snort Application Detection Engine Policy Bypass Vulnerability — Cisco Firepower Threat Defense SoftwareCWE-670 5.3 -2021-01-13
CVE-2021-1224 Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability — Cisco Firepower Threat Defense SoftwareCWE-693 5.8 Medium2021-01-13
CVE-2021-1223 Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability — Cisco Firepower Threat Defense SoftwareCWE-693 5.3 -2021-01-13
CVE-2020-27488 Loxone Miniserver 授权问题漏洞 — n/a 9.8 -2021-01-13
CVE-2020-15799 Siemens SCALANCE X-200IRT 访问控制错误漏洞 — SCALANCE X-200 switch family (incl. SIPLUS NET variants)CWE-306 6.5 -2021-01-12
CVE-2021-21446 SAP Netweaver 资源管理错误漏洞 — SAP NetWeaver AS ABAP 7.5 -2021-01-12
CVE-2020-35458 ClusterLabs Hawk 代码注入漏洞 — n/a 9.8 -2021-01-12
CVE-2021-3129 Facade Ignition for Laravel 授权问题漏洞 — n/a 9.8 -2021-01-12
CVE-2020-5022 IBM Spectrum Protect Plus 信息泄露漏洞 — Spectrum Protect Plus 7.5 -2021-01-08
CVE-2020-8584 Element OS 代码注入漏洞 — Element OS 9.8 -2021-01-08
CVE-2020-17500 Barco Transform NDN Device 命令注入漏洞 — n/a 9.8 -2021-01-07
CVE-2020-8274 Citrix Secure Mail For Android 代码注入漏洞 — Citrix Secure Mail for AndroidCWE-94 6.5 -2021-01-06
CVE-2020-8275 Citrix Secure Mail For Android 访问控制错误漏洞 — Citrix Secure Mail for AndroidCWE-284 4.3 -2021-01-06

Vulnerabilities classified as access:pre-auth represent 19263 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.