Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19070

19070 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-36134 Out of bounds write in Netop Vision Pro — n/a 7.4 High2021-09-27
CVE-2021-40709 Adobe Photoshop Buffer Overflow leads to Arbitrary Code Execution — PhotoshopCWE-120 7.8 High2021-09-27
CVE-2021-36880 WordPress uListing plugin <= 2.0.3 - Unauthenticated SQL Injection (SQLi) vulnerability — uListing (WordPress plugin)CWE-89 8.6 High2021-09-27
CVE-2021-36879 WordPress uListing plugin <= 2.0.5 - Unauthenticated Privilege Escalation vulnerability — uListing (WordPress plugin)CWE-264 9.8 Critical2021-09-27
CVE-2021-40106 PortlandLabs Concrete Cms 跨站脚本漏洞 — n/a 6.1 -2021-09-27
CVE-2021-22941 Citrix Systems Citrix ShareFile 安全漏洞 — Citrix ShareFile storage zones controllerCWE-284 9.4 -2021-09-23
CVE-2021-22012 VMware vCenter Server 访问控制错误漏洞 — VMware vCenter Server 7.5 -2021-09-23
CVE-2021-22011 Vmware VMware vCenter Server 授权问题漏洞 — VMware vCenter Server, VMware Cloud Foundation 7.5 -2021-09-23
CVE-2021-1621 Cisco IOS XE Software Interface Queue Wedge Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-399 7.4 High2021-09-23
CVE-2021-1619 Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability — Cisco IOS XE SoftwareCWE-824 9.8 Critical2021-09-23
CVE-2021-1616 Cisco IOS XE Software H.323 Application Level Gateway Bypass Vulnerability — Cisco IOS XE SoftwareCWE-693 4.7 Medium2021-09-23
CVE-2021-1615 Cisco Embedded Wireless Controller Software for Catalyst Access Points Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-410 8.6 High2021-09-23
CVE-2021-1611 Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers EoGRE Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-399 8.6 High2021-09-23
CVE-2021-1565 Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Denial of Service Vulnerabilities — Cisco IOS XE SoftwareCWE-415 8.6 High2021-09-23
CVE-2021-34770 Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Remote Code Execution Vulnerability — Cisco IOS XE SoftwareCWE-122 10.0 Critical2021-09-23
CVE-2021-34769 Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Denial of Service Vulnerabilities — Cisco IOS XE SoftwareCWE-415 8.6 High2021-09-23
CVE-2021-34768 Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Denial of Service Vulnerabilities — Cisco IOS XE SoftwareCWE-415 8.6 High2021-09-23
CVE-2021-34767 Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers IPv6 Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-670 7.4 High2021-09-23
CVE-2021-34740 Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability — Cisco Aironet Access Point SoftwareCWE-401 7.4 High2021-09-23
CVE-2021-34727 Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability — Cisco IOS XE SD-WAN SoftwareCWE-120 9.8 Critical2021-09-23
CVE-2021-34705 Cisco IOS and IOS XE Software FXO Interface Destination Pattern Bypass Vulnerability — Cisco IOSCWE-232 5.3 Medium2021-09-23
CVE-2021-34714 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability — Cisco IOSCWE-20 7.4 High2021-09-23
CVE-2021-34703 Cisco IOS and IOS XE Software Link Layer Discovery Protocol Denial of Service Vulnerability — Cisco IOSCWE-456 6.8 Medium2021-09-23
CVE-2021-34697 Cisco IOS XE Software Protection Against Distributed Denial of Service Attacks Feature Vulnerability — Cisco IOS XE SoftwareCWE-665 5.8 Medium2021-09-23
CVE-2021-34696 Cisco ASR 900 and ASR 920 Series Aggregation Services Routers Access Control List Bypass Vulnerability — Cisco IOS XE SoftwareCWE-284 5.8 Medium2021-09-23
CVE-2021-1625 Cisco IOS XE Software Zone-Based Policy Firewall ICMP and UDP Inspection Vulnerability — Cisco IOS XE SoftwareCWE-284 5.8 Medium2021-09-23
CVE-2021-1624 Cisco IOS XE Software Rate Limiting Network Address Translation Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-399 8.6 High2021-09-23
CVE-2021-1622 Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers Common Open Policy Service Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-833 8.6 High2021-09-23
CVE-2019-6288 Edgecore ECS2020 命令注入漏洞 — n/a 9.8 -2021-09-22
CVE-2021-40684 Talend ESB 授权问题漏洞 — n/a 9.8 -2021-09-22

Vulnerabilities classified as access:pre-auth represent 19070 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.