Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19070

19070 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-22026 VMware vRealize Operations 代码问题漏洞 — VMware vRealize Operations 7.5 -2021-08-30
CVE-2021-22027 VMware vRealize Operations 代码问题漏洞 — VMware vRealize Operations 7.5 -2021-08-30
CVE-2021-22024 VMware vRealize Operations 日志信息泄露漏洞 — VMware vRealize Operations 7.5 -2021-08-30
CVE-2021-38390 Delta Electronics DIAEnergie SQL注入漏洞 — Delta Electronics DIAEnergieCWE-89 9.8 -2021-08-30
CVE-2021-32983 Delta Electronics DIAEnergie SQL注入漏洞 — Delta Electronics DIAEnergieCWE-89 9.8 -2021-08-30
CVE-2021-38393 Delta Electronics DIAEnergie SQL注入漏洞 — Delta Electronics DIAEnergieCWE-89 9.8 -2021-08-30
CVE-2021-38391 Delta Electronics DIAEnergie SQL注入漏洞 — Delta Electronics DIAEnergieCWE-89 9.8 -2021-08-30
CVE-2021-26084 Atlassian Confluence Server 注入漏洞 — Confluence Server 9.8 -2021-08-30
CVE-2021-39165 Unauthenticated SQL Injection — CachetCWE-287 8.1 High2021-08-26
CVE-2021-29487 Authentication bypass in Octobercms — octoberCWE-287 7.4 High2021-08-26
CVE-2021-27944 Vizio P65-F1 命令注入漏洞 — n/a 9.8 -2021-08-26
CVE-2021-1591 Cisco Nexus 9500 Series Switches Access Control List Bypass Vulnerability — Cisco NX-OS SoftwareCWE-284 5.8 Medium2021-08-25
CVE-2021-1590 Cisco NX-OS Software system login block-for Denial of Service Vulnerability — Cisco NX-OS SoftwareCWE-787 5.3 Medium2021-08-25
CVE-2021-1588 Cisco NX-OS Software MPLS OAM Denial of Service Vulnerability — Cisco NX-OS SoftwareCWE-126 8.6 High2021-08-25
CVE-2021-1587 Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service Vulnerability — Cisco NX-OS SoftwareCWE-115 8.6 High2021-08-25
CVE-2021-1586 Cisco Nexus 9000 Series Fabric Switches ACI Mode Multi-Pod and Multi-Site TCP Denial of Service Vulnerability — Cisco NX-OS System Software in ACI ModeCWE-345 8.6 High2021-08-25
CVE-2021-1577 Cisco Application Policy Infrastructure Controller Arbitrary File Read and Write Vulnerability — Cisco Application Policy Infrastructure Controller (APIC)CWE-284 9.1 Critical2021-08-25
CVE-2021-1523 Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service Vulnerability — Cisco NX-OS System Software in ACI ModeCWE-772 8.6 High2021-08-25
CVE-2021-21778 MZ Automation lib60870 安全漏洞 — MZ Automation" 7.5 -2021-08-25
CVE-2021-33886 B. Braun SpaceCom2 格式化字符串错误漏洞 — n/a 8.1 High2021-08-25
CVE-2021-33885 B.Braun SpaceCom2 数据伪造问题漏洞 — n/a 10.0 Critical2021-08-25
CVE-2021-30948 Apple iOS 和 iPadOS 授权问题漏洞 — iOS and iPadOS 4.6 -2021-08-24
CVE-2021-28594 Creative Cloud Desktop installer Uncontrolled Search Path element could lead to arbitrary code execution — PreludeCWE-427 7.8 High2021-08-24
CVE-2021-28629 Adobe Animate heap corruption vulnerability could lead to arbitrary code execution — AnimateCWE-122 7.8 -2021-08-24
CVE-2021-28630 Adobe Animate FLA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — AnimateCWE-125 3.3 Low2021-08-24
CVE-2021-28622 Adobe Animate BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — AnimateCWE-787 7.8 -2021-08-24
CVE-2021-28619 Adobe Animate out-of-bounds read vulnerability could lead to sensitive information disclosure — AnimateCWE-125 5.5 Medium2021-08-24
CVE-2021-28620 Adobe Animate heap corruption vulnerability could lead to arbitrary code execution — AnimateCWE-122 7.8 -2021-08-24
CVE-2021-28621 Adobe Animate FLA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability — AnimateCWE-125 7.8 High2021-08-24
CVE-2021-28617 Adobe Animate out-of-bounds read vulnerability could lead to sensitive information disclosure — AnimateCWE-125 6.5 -2021-08-24

Vulnerabilities classified as access:pre-auth represent 19070 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.