Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19065

19065 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2020-35224 Netgear NETGEAR JGS516PE 安全漏洞 — n/a 6.5 -2021-03-10
CVE-2020-19419 Emerson Smart Wireless Gateway 访问控制错误漏洞 — n/a 7.5 -2021-03-10
CVE-2021-28122 Sukchan Lee open5gs 访问控制错误漏洞 — n/a 9.8 -2021-03-10
CVE-2021-20670 Weseek GROWI 安全漏洞 — GROWI 7.5 -2021-03-10
CVE-2020-27225 Eclipse Platform 访问控制错误漏洞 — Eclipse PlatformCWE-306 7.8 -2021-03-09
CVE-2021-21484 SAP HANA 安全漏洞 — SAP HANA 9.8 -2021-03-09
CVE-2021-21510 Dell iDRAC8 注入漏洞 — Integrated Dell Remote Access Controller (iDRAC)CWE-20 6.1 -2021-03-08
CVE-2020-27838 Red Hat Keycloak 授权问题漏洞 — keycloakCWE-287 4.3 -2021-03-08
CVE-2021-26788 Oryx Embedded CycloneTCP 输入验证错误漏洞 — n/a 7.5 -2021-03-08
CVE-2020-28466 Denial of Service (DoS) — github.com/nats-io/nats-server/server 7.5 High2021-03-07
CVE-2021-26705 SquareBox CatDV Server 访问控制错误漏洞 — n/a 9.1 -2021-03-05
CVE-2021-26960 Aruba AirWave Management Platform 跨站请求伪造漏洞 — Aruba AirWave Management Platform 8.8 -2021-03-05
CVE-2021-26961 Aruba Networks AirWave Management Platform 跨站请求伪造漏洞 — Aruba AirWave Management Platform 8.8 -2021-03-05
CVE-2021-27964 Sonlogger 代码问题漏洞 — n/a 9.8 -2021-03-05
CVE-2021-27314 Sourcecodesterk Doctor Appointment System SQL注入漏洞 — n/a 7.5 -2021-03-04
CVE-2021-25335 Samsung mobile devices 安全漏洞 — Samsung Mobile DevicesCWE-703 2.5 Low2021-03-04
CVE-2020-24914 Matthias Van Woensel qcubed 安全漏洞 — n/a 9.8 -2021-03-04
CVE-2020-24913 Matthias Van Woensel qcubed SQL注入漏洞 — n/a 9.8 -2021-03-04
CVE-2020-24912 Matthias Van Woensel qcubed 跨站脚本漏洞 — n/a 6.1 -2021-03-04
CVE-2021-27931 LumisXP 代码问题漏洞 — n/a 9.1 -2021-03-03
CVE-2021-22681 Rockwell Automation RSLogix 500 和 Logix Designer Studio 5000 安全漏洞 — Rockwell Automation Studio 5000 Logix Designer, RSLogix 5000, Logix ControllersCWE-522 9.8 -2021-03-03
CVE-2020-28657 Nsf bmpanel2 SQL注入漏洞 — n/a 9.8 -2021-03-02
CVE-2021-21513 Dell EMC OpenManage Server Administrator 授权问题漏洞 — Dell Open Manage Server AdministratorCWE-287 8.6 High2021-03-02
CVE-2021-21517 Dell SRS Policy Manager 代码问题漏洞 — SRS Policy ManagerCWE-611 7.2 High2021-03-01
CVE-2020-36240 Crowd 安全漏洞 — Crowd 5.3 -2021-03-01
CVE-2021-27198 Visualware MyConnection Server 代码问题漏洞 — n/a 9.8 -2021-02-26
CVE-2019-11684 Improper Access Control in Bosch Video Recording Manager — n/a 9.9 Critical2021-02-26
CVE-2021-1396 Cisco Application Services Engine Unauthorized Access Vulnerabilities — Cisco Application Services Engine SoftwareCWE-306 9.8 Critical2021-02-24
CVE-2021-1393 Cisco Application Services Engine Unauthorized Access Vulnerabilities — Cisco Application Services Engine SoftwareCWE-306 9.8 Critical2021-02-24
CVE-2021-1388 Cisco ACI Multi-Site Orchestrator Application Services Engine Deployment Authentication Bypass Vulnerability — Cisco ACI Multi-Site Orchestrator SoftwareCWE-269 10.0 Critical2021-02-24

Vulnerabilities classified as access:pre-auth represent 19065 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.