Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19070

19070 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-33073 Intel Distribution of OpenVINO(TM) Toolkit 资源管理错误漏洞 — Intel(R) Distribution of OpenVINOâ„¢ Toolkit 5.5 -2021-11-17
CVE-2021-33058 Intel Ethernet controllers 安全漏洞 — version 7.8 -2021-11-17
CVE-2021-40745 Adobe Campaign Path Traversal Leads to Information Exposure — CampaignCWE-22 7.5 High2021-11-17
CVE-2021-24796 My Tickets < 1.8.31 - Unauthenticated Stored Cross-Site Scripting — My TicketsCWE-79 6.1 -2021-11-17
CVE-2021-43011 Adobe Prelude M4A file memory corruption vulnerability could lead to remote code execution — PreludeCWE-788 7.8 High2021-11-16
CVE-2021-43012 Adobe Prelude M4A file memory corruption vulnerability could lead to remote code execution — PreludeCWE-788 7.8 High2021-11-16
CVE-2021-42731 Adobe Indesign Buffer Overflow Could Lead to Remote Code Execution — InDesignCWE-120 7.8 High2021-11-16
CVE-2021-43013 Adobe Media Encoder memory corruption vulnerability could lead to remote code execution — Media EncoderCWE-788 7.8 High2021-11-16
CVE-2021-43048 TIBCO PartnerExpress Click-Jacking vulnerability — TIBCO PartnerExpress 9.8 Critical2021-11-16
CVE-2021-43046 TIBCO PartnerExpress Session Token in URL — TIBCO PartnerExpress 7.5 High2021-11-16
CVE-2021-25984 FactorJS - Stored Cross-Site Scripting (XSS) in Post Reply Functionality — FactorCWE-79 6.1 Medium2021-11-16
CVE-2021-25983 FactorJS - Reflected Cross-Site Scripting (XSS) in Tags and Categories Functionality — FactorCWE-79 6.1 Medium2021-11-16
CVE-2021-25982 FactorJS - Reflected Cross-Site Scripting (XSS) in Search Functionality — FactorCWE-79 6.1 Medium2021-11-16
CVE-2021-41269 Unauthenticated remote code injection in cron-utils — cron-utilsCWE-94 10.0 Critical2021-11-15
CVE-2021-42580 Sourcecodester Pisay Online E-Learning System SQL注入漏洞 — n/a 9.8 -2021-11-15
CVE-2021-41950 Montala ResourceSpace 路径遍历漏洞 — n/a 9.1 -2021-11-15
CVE-2021-41765 Montala ResourceSpace SQL注入漏洞 — n/a 9.8 -2021-11-15
CVE-2021-42838 Grand Vice info Co. webopac7 - Reflected XSS — webopac7CWE-79 6.1 Medium2021-11-15
CVE-2021-36315 EMC PowerScale 安全漏洞 — PowerScale Nodes 6.8 Medium2021-11-12
CVE-2021-3793 Binatone Motorola-branded Camera 安全漏洞 — Binatone Hubble CamerasCWE-424 6.5 Medium2021-11-12
CVE-2021-3791 Binatone Motorola-branded Camera 日志信息泄露漏洞 — Binatone Hubble CamerasCWE-532 6.5 Medium2021-11-12
CVE-2021-3790 Binatone Motorola-branded Camera 安全漏洞 — Binatone Hubble CamerasCWE-121 6.5 Medium2021-11-12
CVE-2021-3577 Motorola-branded Binatone Hubble Cameras 安全漏洞 — Binatone Hubble CamerasCWE-78 8.8 High2021-11-12
CVE-2021-43610 Belledonne Belle-sip 环境问题漏洞 — n/a 7.5 -2021-11-12
CVE-2021-37910 ASUS GT-AXE11000, RT-AX3000, RT-AX55, RT-AX58U, TUF-AX3000 - Improper Authentication — GT-AXE11000CWE-799 3.7 Low2021-11-12
CVE-2021-42775 Emulex Hba Manager 安全漏洞 — n/a 9.1 -2021-11-12
CVE-2021-42773 Broadcom Management Center 信息泄露漏洞 — n/a 7.5 -2021-11-12
CVE-2021-42774 Broadcom Management Center 缓冲区错误漏洞 — n/a 9.8 -2021-11-12
CVE-2021-43350 LDAP filter injection vulnerability in Traffic Ops — Apache Traffic ControlCWE-90 9.8 -2021-11-11
CVE-2021-25980 Talkyard - Host-Header Injection Leads to Account Takeover — talkyardCWE-74 8.8 High2021-11-11

Vulnerabilities classified as access:pre-auth represent 19070 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.