Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19242

19242 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2020-13500 AVEVA eDNA Enterprise Data Historian SQL注入漏洞 — AvevaCWE-89 9.8 -2020-09-24
CVE-2020-13499 AVEVA eDNA Enterprise Data Historian SQL注入漏洞 — AvevaCWE-89 9.8 -2020-09-24
CVE-2020-13505 AVEVA eDNA Enterprise Data Historian SQL注入漏洞 — Aveva 9.8 -2020-09-24
CVE-2020-13504 AVEVA eDNA Enterprise Data Historian SQL注入漏洞 — Aveva 9.8 -2020-09-24
CVE-2020-16147 Telmat AccessLog 操作系统命令注入漏洞 — n/a 9.8 -2020-09-24
CVE-2020-12818 Fortinet FortiGate 安全漏洞 — Fortinet FortiOS 5.3 -2020-09-24
CVE-2019-15289 Cisco TelePresence Collaboration Endpoint and RoomOS Software Denial of Service Vulnerabilities — Cisco TelePresence TC SoftwareCWE-20 7.5 -2020-09-23
CVE-2019-15969 Cisco Web Security Appliance Management Interface Cross-Site Scripting Vulnerability — Cisco Web Security Appliance (WSA)CWE-79 6.1 -2020-09-23
CVE-2019-15974 Cisco Managed Services Accelerator Open Redirect Vulnerability — Cisco Managed Services AcceleratorCWE-601 6.1 -2020-09-23
CVE-2019-15993 Cisco Small Business Switches Information Disclosure Vulnerability — Cisco Small Business 250 Series Smart Switches SoftwareCWE-16 5.3 -2020-09-23
CVE-2019-16004 Cisco Vision Dynamic Signage Director Authentication Bypass Vulnerability — Cisco Vision Dynamic Signage DirectorCWE-306 8.2 -2020-09-23
CVE-2019-16007 Cisco AnyConnect Secure Mobility Client for Android Service Hijack Vulnerability — Cisco AnyConnect Secure Mobility ClientCWE-345 7.1 -2020-09-23
CVE-2019-16009 Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability — Cisco IOS 12.2(15)BCWE-352 8.8 -2020-09-23
CVE-2019-16019 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities — Cisco IOS XR SoftwareCWE-399 8.6 -2020-09-23
CVE-2019-16021 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities — Cisco IOS XR SoftwareCWE-399 8.6 -2020-09-23
CVE-2019-16023 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities — Cisco IOS XR SoftwareCWE-399 8.6 -2020-09-23
CVE-2019-16028 Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability — Cisco Firepower Management CenterCWE-287 9.8 -2020-09-23
CVE-2019-1947 Cisco Email Security Appliance Denial of Service Vulnerability — Cisco Email Security Appliance (ESA)CWE-20 8.6 -2020-09-23
CVE-2019-1983 Cisco Email Security Appliance and Cisco Content Security Management Appliance Denial of Service Vulnerability — Cisco Email Security Appliance (ESA)CWE-20 5.3 -2020-09-23
CVE-2020-3117 Cisco Web Security Appliance and Cisco Content Security Management Appliance HTTP Header Injection Vulnerability — Cisco Web Security Appliance (WSA)CWE-113 4.7 -2020-09-23
CVE-2020-3124 Cisco Hosted Collaboration Mediation Fulfillment Cross-Site Request Forgery Vulnerability — Cisco Hosted Collaboration Mediation FulfillmentCWE-352 6.5 -2020-09-23
CVE-2020-3133 Cisco Email Security Appliance Content Filter Bypass Vulnerability — Cisco Email Security Appliance (ESA)CWE-20 7.5 -2020-09-23
CVE-2020-3135 Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability — Cisco Unified Communications ManagerCWE-352 8.8 -2020-09-23
CVE-2020-3137 Cisco Email Security Appliance Cross-Site Scripting Vulnerability — Cisco Email Security Appliance (ESA)CWE-79 6.1 -2020-09-23
CVE-2020-3569 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities — Cisco IOS XR SoftwareCWE-400 8.6 High2020-09-23
CVE-2020-23446 Verint Workforce Optimization Suite 安全漏洞 — n/a 5.3 -2020-09-22
CVE-2020-8887 Telestream Tektronix Medius 和 Sentry SQL注入漏洞 — n/a 7.5 -2020-09-22
CVE-2020-14179 Atlassian Jira 信息泄露漏洞 — Jira Server 5.3 -2020-09-21
CVE-2020-15188 Unauthenticated Remote Code Execution in SOY CMS — soycmsCWE-502 10.0 Critical2020-09-18
CVE-2020-15958 1crm 代码问题漏洞 — n/a 7.5 -2020-09-18

Vulnerabilities classified as access:pre-auth represent 19242 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.