Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19263

19263 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2022-22173 Junos OS: CRL failing to download causes a memory leak and ultimately a DoS — Junos OSCWE-401 7.5 High2022-01-19
CVE-2022-22172 Junos OS and Junos OS Evolved: An l2cpd memory leak can occur when specific LLDP packets are received leading to a DoS — Junos OSCWE-401 6.5 Medium2022-01-19
CVE-2022-22171 Junos OS: Specific packets over VXLAN cause FPC reset — Junos OS 7.5 High2022-01-19
CVE-2022-22170 Junos OS: Specific packets over VXLAN cause FPC memory leak and ultimately reset — Junos OS 7.5 High2022-01-19
CVE-2022-22168 Junos OS: vMX and MX150: Specific packets might cause a memory leak and eventually an FPC reboot — Junos OSCWE-1287 6.5 Medium2022-01-19
CVE-2022-22166 Junos OS: An rpd core will occur if BGP update tracing is configured and an update containing a malformed BGP SR-TE policy tunnel attribute is received — Junos OSCWE-1284 6.5 Medium2022-01-19
CVE-2022-22163 Junos OS: jdhcpd crashes upon receipt of a specific DHCPv6 packet — Junos OSCWE-20 7.4 High2022-01-19
CVE-2022-22161 Junos OS: MX104 might become unresponsive if the out-of-band management port receives a flood of traffic — Junos OSCWE-400 7.5 High2022-01-19
CVE-2022-22160 Junos OS: MX Series: The bbe-smgd process crashes if an unsupported configuration exists and a PPPoE client sends a specific message — Junos OSCWE-391 6.5 Medium2022-01-19
CVE-2022-22153 SRX Series and MX Series with SPC3: A high percentage of fragments might lead to high latency or packet drops — Junos OSCWE-407 7.5 High2022-01-19
CVE-2021-33912 libspf2 缓冲区错误漏洞 — n/a 9.8 -2022-01-19
CVE-2021-33913 libspf2 缓冲区错误漏洞 — n/a 9.8 -2022-01-19
CVE-2022-21695 Improper Access Control in Onionshare — onionshareCWE-287 4.3 Medium2022-01-18
CVE-2022-0236 WP Import Export (Lite) <= 3.9.15 Unauthenticated Sensitive Data Disclosure — WP Import ExportCWE-862 7.5 High2022-01-18
CVE-2021-38697 Saraban 代码问题漏洞 — n/a 9.8 -2022-01-18
CVE-2022-23178 Crestron Hd-Md4X2-4K-E 授权问题漏洞 — n/a 9.8 -2022-01-15
CVE-2021-3965 HP DesignJet安全漏洞 — HP DesignJet Printer 7.5 -2022-01-14
CVE-2022-0130 Tenable Network Security Tenable.Sc 代码注入漏洞 — Tenable.sc 8.1 -2022-01-14
CVE-2021-44739 Adobe Acrobat Reader DC add-on (AxAcroPDFLib.AxAcroPDF) src NTLMv2 SSO Auth leak vulnerability — Acrobat ReaderCWE-200 4.3 -2022-01-14
CVE-2021-44702 Adobe Acrobat Reader DC add-on (AxAcroPDFLib.AxAcroPDF) for Internet Explorer LoadFile NTLMv2 SSO Auth leak vulnerability — Acrobat ReaderCWE-200 4.3 -2022-01-14
CVE-2021-44741 Adobe Acrobat Pro DC NULL Pointer Dereference could lead to Application-denial-of-service — Acrobat ReaderCWE-476 3.3 Low2022-01-14
CVE-2021-44740 Adobe Acrobat Pro DC NULL Pointer Dereference could lead to Application-denial-of-service — Acrobat ReaderCWE-476 3.3 Low2022-01-14
CVE-2021-20613 Mitsubishi Electric MELSEC-F Series 安全漏洞 — MELSEC-F series FX3U-ENET; MELSEC-F series FX3U-ENET-L; MELSEC-F series FX3U-ENET-P502 7.5 -2022-01-14
CVE-2021-20612 Mitsubishi Electric MELSEC-F Series 安全漏洞 — MELSEC-F series FX3U-ENET; MELSEC-F series FX3U-ENET-L; MELSEC-F series FX3U-ENET-P502 7.5 -2022-01-14
CVE-2021-45468 Imperva SecureSphere 环境问题漏洞 — n/a 9.8 -2022-01-14
CVE-2022-23227 NUUO NVRmini2访问控制错误漏洞 — n/a 9.8 -2022-01-14
CVE-2021-42551 Reflected XSS in NetBiblio WebOPAC search functionality — NetBiblio WebOPACCWE-79 6.1 Medium2022-01-14
CVE-2022-20698 Clam AntiVirus (ClamAV) Denial of Service Vulnerability — ClamAVCWE-20 7.5 High2022-01-14
CVE-2022-20639 Cisco Security Manager Cross-Site Scripting Vulnerabilities — Cisco Security ManagerCWE-79 6.1 Medium2022-01-14
CVE-2022-20638 Cisco Security Manager Cross-Site Scripting Vulnerabilities — Cisco Security ManagerCWE-79 6.1 Medium2022-01-14

Vulnerabilities classified as access:pre-auth represent 19263 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.