Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19070

19070 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-35583 Oracle MySQL Server 输入验证错误漏洞 — MySQL Server 7.5 High2021-10-20
CVE-2021-35581 Oracle E-Business Suite和Oracle Applications Manager 安全漏洞 — Applications Manager 4.7 Medium2021-10-20
CVE-2021-35580 Oracle E-Business Suite和Oracle Applications Manager 安全漏洞 — Applications Manager 6.1 Medium2021-10-20
CVE-2021-35578 Oracle Java SE 输入验证错误漏洞 — Java SE JDK and JRE 5.3 Medium2021-10-20
CVE-2021-35574 Oracle Outside In Technology 输入验证错误漏洞 — Outside In Technology 7.5 High2021-10-20
CVE-2021-35573 Oracle Fusion Middleware和Oracle Outside In Technology 输入验证错误漏洞 — Outside In Technology 7.5 High2021-10-20
CVE-2021-35572 Oracle Fusion Middleware和Oracle Outside In Technology 输入验证错误漏洞 — Outside In Technology 7.5 High2021-10-20
CVE-2021-35568 Oracle PeopleSoft 安全漏洞 — PeopleSoft Enterprise PT PeopleTools 6.1 Medium2021-10-20
CVE-2021-35565 Oracle Java SE 输入验证错误漏洞 — Java SE JDK and JRE 5.3 Medium2021-10-20
CVE-2021-35564 Oracle Java SE 输入验证错误漏洞 — Java SE JDK and JRE 5.3 Medium2021-10-20
CVE-2021-35561 Oracle Java SE 输入验证错误漏洞 — Java SE JDK and JRE 5.3 Medium2021-10-20
CVE-2021-35560 Oracle Java SE 输入验证错误漏洞 — Java SE JDK and JRE 7.5 High2021-10-20
CVE-2021-35559 Oracle GraalVM 输入验证错误漏洞 — Java SE JDK and JRE 5.3 Medium2021-10-20
CVE-2021-35556 Oracle Java SE 输入验证错误漏洞 — Java SE JDK and JRE 5.3 Medium2021-10-20
CVE-2021-35554 Oracle E-Business Suite和Oracle Trade Management 安全漏洞 — Trade Management 5.3 Medium2021-10-20
CVE-2021-35552 Oracle WebLogic Server 输入验证错误漏洞 — WebLogic Server 5.3 Medium2021-10-20
CVE-2021-35550 Oracle Java SE 输入验证错误漏洞 — Java SE JDK and JRE 5.9 Medium2021-10-20
CVE-2021-2480 Oracle Fusion Middleware和Oracle HTTP Server 输入验证错误漏洞 — HTTP Server 3.7 Low2021-10-20
CVE-2021-2477 Oracle E-Business Suite和Oracle Applications Framework 安全漏洞 — Applications Framework 5.3 Medium2021-10-20
CVE-2021-2476 Oracle Transportation Management 安全漏洞 — Transportation Management 5.3 Medium2021-10-20
CVE-2021-2461 Oracle Communications 安全漏洞 — Communications Interactive Session Recorder 8.3 High2021-10-20
CVE-2021-30302 多款Qualcomm产品授权问题漏洞 — Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking 7.5 High2021-10-20
CVE-2021-31386 Junos OS: When using J-Web with HTTP an attacker may retrieve encryption keys via Person-in-the-Middle attacks. — Junos OSCWE-311 5.3 Medium2021-10-19
CVE-2021-31383 Junos OS and Junos OS Evolved: In Point to MultiPoint (P2MP) scenarios receipt of various crafted packets causes RPD to core. — Junos OS 7.5 High2021-10-19
CVE-2021-31370 Junos OS: QFX5000 Series and EX4600 Series: Control traffic might be dropped if a high rate of specific multicast traffic is received — Junos OSCWE-184 6.5 Medium2021-10-19
CVE-2021-31369 Junos OS: MX Series: Traffic drops will be observed if MS-MPC/MS-PIC resources are consumed by certain traffic causing a partial DoS — Junos OSCWE-770 5.3 Medium2021-10-19
CVE-2021-31368 Junos OS: EX2300 Series, EX3400 Series, and ACX710 might become unresponsive if the out-of-band management port receives a flood of traffic — Junos OSCWE-400 7.5 High2021-10-19
CVE-2021-31364 Junos OS: SRX Series: The flowd process will crash if log session-close is configured and specific traffic is received — Junos OSCWE-754 5.9 Medium2021-10-19
CVE-2021-31363 Junos OS and Junos OS Evolved: Receipt of a specific LDP message will cause a Denial of Service — Junos OSCWE-835 6.5 Medium2021-10-19
CVE-2021-31362 Junos OS and Junos OS Evolved: An IS-IS adjacency might be taken down if a bad hello PDU is received for an existing adjacency causing a DoS — Junos OSCWE-693 6.5 Medium2021-10-19

Vulnerabilities classified as access:pre-auth represent 19070 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.