Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19043

19043 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2021-21021 Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution — Acrobat ReaderCWE-416 8.8 -2021-02-11
CVE-2021-21028 Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution — Acrobat ReaderCWE-416 8.8 -2021-02-11
CVE-2021-21033 Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution — Acrobat ReaderCWE-416 8.8 -2021-02-11
CVE-2021-21035 Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution — Acrobat ReaderCWE-416 8.8 -2021-02-11
CVE-2021-21037 Acrobat Reader DC Path Traversal Vulnerability Could Lead To Arbitrary Code Execution — Acrobat ReaderCWE-22 7.8 High2021-02-11
CVE-2021-21038 Acrobat Reader DC Out-Of-Bounds Write Vulnerability Could Lead To Arbitrary Code Execution — Acrobat ReaderCWE-787 7.8 High2021-02-11
CVE-2021-21040 Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution — Acrobat ReaderCWE-416 7.8 High2021-02-11
CVE-2021-21044 Acrobat Reader DC Out-Of-Bounds Write Vulnerability Could Lead To Arbitrary Code Execution — Acrobat ReaderCWE-787 7.8 -2021-02-11
CVE-2021-21046 Acrobat Reader DC Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution — Acrobat ReaderCWE-787 6.5 -2021-02-11
CVE-2021-21057 Acrobat Reader DC Invalid Memory Read Due To An Uninitialized Pointer — Acrobat ReaderCWE-476 6.6 Medium2021-02-11
CVE-2021-21017 Acrobat Reader DC Heap-based Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution — Acrobat ReaderCWE-122 8.8 High2021-02-11
CVE-2021-21045 Acrobat Reader DC Improper Installer Access Control Vulnerability Could Lead To Privilege Escalation — Acrobat ReaderCWE-284 8.2 High2021-02-11
CVE-2021-21060 Acrobat Pro DC Improper File Parsing Could Lead to Information Disclosure — Acrobat ReaderCWE-20 4.6 Medium2021-02-11
CVE-2021-21061 Acrobat Pro DC Use-After-Free Vulnerability Could Lead to Information Disclosure — Acrobat ReaderCWE-416 3.3 -2021-02-11
CVE-2021-21024 Magento Commerce Blind SQL Injection Could Lead To Unauthorized Access — Magento CommerceCWE-89 6.5 -2021-02-11
CVE-2021-21026 Magento Commerce Incorrect permissions Could Lead To Unauthorized Access — Magento CommerceCWE-285 4.9 -2021-02-11
CVE-2021-21027 Magento Commerce Cross-Site Request Forgery (CSRF) Could Lead To Unauthorized Data Modification — Magento CommerceCWE-352 4.3 -2021-02-11
CVE-2021-21307 Remote Code Exploit in Lucee Admin — LuceeCWE-862 8.6 High2021-02-11
CVE-2021-27139 FiberHome HG6245D devices 安全漏洞 — n/a 7.5 -2021-02-10
CVE-2021-27173 FiberHome HG6245D devices 安全漏洞 — n/a 9.1 -2021-02-10
CVE-2020-26195 DELL EMC PowerScale 安全漏洞 — PowerScale OneFSCWE-280 5.3 Medium2021-02-09
CVE-2021-21476 SAP UI5 输入验证错误漏洞 — SAP UI5 6.1 -2021-02-09
CVE-2020-13117 Wavlink WN575A4 和 WN579X3 命令注入漏洞 — n/a 9.8 -2021-02-09
CVE-2021-25140 HPE Moonshot Provisioning Manager 路径遍历漏洞 — HPE Moonshot Provisioning Manager 9.8 -2021-02-09
CVE-2021-25139 HPE Moonshot Provisioning Manager 缓冲区错误漏洞 — HPE Moonshot Provisioning Manager 9.8 -2021-02-09
CVE-2020-24685 AC500 V2 unauthenticated crafter packet vulnerability — AC500 V2 products with onboard Ethernet 8.6 High2021-02-09
CVE-2021-26915 NetMotion Mobility 代码问题漏洞 — n/a 8.1 -2021-02-08
CVE-2021-26914 NetMotion Mobility 代码问题漏洞 — n/a 8.1 -2021-02-08
CVE-2021-26913 NetMotion Mobility 代码问题漏洞 — n/a 8.1 -2021-02-08
CVE-2021-26912 NetMotion Mobility 代码问题漏洞 — n/a 8.1 -2021-02-08

Vulnerabilities classified as access:pre-auth represent 19043 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.