Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19065

19065 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-27193 Netop Vision 访问控制错误漏洞 — n/a 9.8 -2021-03-25
CVE-2021-22659 Rockwell Automation MicroLogix 1400 安全漏洞 — Rockwell Automation MicroLogix 1400CWE-120 9.8 -2021-03-25
CVE-2021-29156 Forgerock ForgeRock OpenAM 注入漏洞 — n/a 7.5 -2021-03-25
CVE-2021-26715 Michael Stepankin OpenID-Connect-Java-Spring-Server 代码问题漏洞 — n/a 9.1 -2021-03-25
CVE-2021-1381 Cisco IOS XE Software Active Debug Code Vulnerability — Cisco IOS XE SoftwareCWE-489 6.1 Medium2021-03-24
CVE-2021-1352 Cisco IOS XE Software DECnet Phase IV/OSI Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-823 7.4 High2021-03-24
CVE-2021-1373 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-126 8.6 High2021-03-24
CVE-2021-1377 Cisco IOS and IOS XE Software ARP Resource Management Exhaustion Denial of Service Vulnerability — Cisco IOSCWE-399 5.8 Medium2021-03-24
CVE-2021-1394 Cisco IOS XE Software for Network Convergence System 520 Routers Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-399 5.3 Medium2021-03-24
CVE-2021-1398 Cisco IOS XE Software Arbitrary Code Execution Vulnerability — Cisco IOS XE SoftwareCWE-489 6.8 Medium2021-03-24
CVE-2021-1403 Cisco IOS XE Software Web UI Cross-Site WebSocket Hijacking Vulnerability — Cisco IOS XE SoftwareCWE-345 7.4 High2021-03-24
CVE-2021-1460 Cisco IOx Application Framework Denial of Service Vulnerability — Cisco IOSCWE-400 5.3 Medium2021-03-24
CVE-2021-1453 Cisco IOS XE Software for the Catalyst 9000 Family Arbitrary Code Execution Vulnerability — Cisco IOS XE SoftwareCWE-347 6.8 Medium2021-03-24
CVE-2021-1452 Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability — Cisco IOS XE ROMMON SoftwareCWE-78 6.8 Medium2021-03-24
CVE-2021-1451 Cisco IOS XE Software Easy Virtual Switching System Arbitrary Code Execution Vulnerability — Cisco IOS XE SoftwareCWE-119 8.1 High2021-03-24
CVE-2021-1446 Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-754 8.6 High2021-03-24
CVE-2021-1439 Cisco Aironet Access Points FlexConnect Multicast DNS Denial of Service Vulnerability — Cisco Aironet Access Point Software (IOS XE Controller)CWE-120 7.4 High2021-03-24
CVE-2021-1437 Cisco Aironet Access Points FlexConnect Upgrade Information Disclosure Vulnerability — Cisco Aironet Access Point SoftwareCWE-275 7.5 High2021-03-24
CVE-2021-1433 Cisco IOS XE SD-WAN Software vDaemon Buffer Overflow Vulnerability — Cisco IOS XE SoftwareCWE-119 8.1 High2021-03-24
CVE-2021-1431 Cisco IOS XE SD-WAN Software vDaemon Denial of Service Vulnerability — Cisco IOS XE SoftwareCWE-20 7.5 High2021-03-24
CVE-2021-27320 Sourcecodesterk Doctor Appointment System SQL注入漏洞 — n/a 7.5 -2021-03-24
CVE-2021-27319 Sourcecodesterk Doctor Appointment System SQL注入漏洞 — n/a 7.5 -2021-03-24
CVE-2021-27316 Sourcecodesterk Doctor Appointment System SQL注入漏洞 — n/a 7.5 -2021-03-24
CVE-2021-27315 Sourcecodesterk Doctor Appointment System SQL注入漏洞 — n/a 7.5 -2021-03-24
CVE-2021-23274 TIBCO API Exchange Gateway Clickjack Vulnerability — TIBCO API Exchange Gateway 9.8 Critical2021-03-23
CVE-2021-27309 OpenSourceCMS.com Clansphere CMS 跨站脚本漏洞 — n/a 6.1 -2021-03-23
CVE-2021-27310 OpenSourceCMS.com Clansphere CMS 跨站脚本漏洞 — n/a 6.1 -2021-03-23
CVE-2021-29076 Netgear NETGEAR 命令注入漏洞 — n/a 9.6 Critical2021-03-23
CVE-2021-29077 多款Netgear产品命令注入漏洞 — n/a 9.6 Critical2021-03-23
CVE-2021-29078 多款Netgear产品命令注入漏洞 — n/a 9.6 Critical2021-03-23

Vulnerabilities classified as access:pre-auth represent 19065 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.