Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19065

19065 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2016-1423 Cisco AsyncOS for Cisco Email Security Appliances 安全漏洞 — Cisco AsyncOS 8.0.2-069 6.1 -2016-10-28
CVE-2016-1480 Cisco AsyncOS for Cisco Email Security Appliances和Web Security Appliances 安全漏洞 — Cisco AsyncOS through WSA10.0.0-000--2016-10-28
CVE-2016-1481 Cisco AsyncOS for Cisco Email Security Appliances 拒绝服务漏洞 — Cisco AsyncOS through 9.7.0-125 7.5 -2016-10-28
CVE-2016-1486 Cisco AsyncOS for Cisco Email Security Appliances 拒绝服务漏洞 — Cisco AsyncOS through 9.7.1-066 7.5 -2016-10-28
CVE-2016-6356 Cisco AsyncOS for Cisco Email Security Appliances 拒绝服务漏洞 — Cisco AsyncOS through 9.7.0-125 7.5 -2016-10-28
CVE-2016-6357 Cisco Email Security Appliance 安全漏洞 — Cisco AsyncOS through 9.9.6-026 5.3 -2016-10-28
CVE-2016-6358 Cisco Email Security Appliance 拒绝服务漏洞 — Cisco Email Security Appliance (ESA) through 9.7.1-000 5.3 -2016-10-28
CVE-2016-6360 Cisco Email Security Appliance和Cisco Web Security Appliance 拒绝服务漏洞 — Cisco AsyncOS through WSA10.0.0-000 5.3 -2016-10-28
CVE-2016-6372 Cisco AsyncOS for Cisco Email Security Appliances和Web Security Appliances 安全绕过漏洞 — Cisco AsyncOS through WSA10.0.0-000 8.2 -2016-10-28
CVE-2016-6397 Cisco IP Interoperability and Collaboration System 身份验证绕过漏洞 — Cisco IPICS 4.8(1) to 4.10(1) 9.1 -2016-10-28
CVE-2016-6431 Cisco Adaptive Security Appliance 拒绝服务漏洞 — Cisco ASA Software before 9.6(1.5) 7.5 -2016-10-27
CVE-2016-6432 Cisco Adaptive Security Appliance Software 缓冲区错误漏洞 — Cisco ASA Software before 9.6(2.1) 8.1 -2016-10-27
CVE-2016-6437 Cisco Wide Area Application Services 拒绝服务漏洞 — Cisco Wide Area Application Services (WAAS) before 5.3(5g)1 and 6.x before 6.2(2.32) 5.9 -2016-10-27
CVE-2016-6438 Cisco IOS XE on cBR-8 Converged Broadband Router 安全漏洞 — Cisco IOS XE 3.16S, 3.17S, 3.18.0S, 3.18.1S, 3.18.0SP 5.9 -2016-10-27
CVE-2016-6439 Cisco Firepower System Software 拒绝服务漏洞 — Cisco Firepower System Software before 6.0.1 7.5 -2016-10-27
CVE-2016-6442 Cisco Finesse Agent and Supervisor Desktop Software 跨站请求伪造漏洞 — Cisco Finesse 11.0(1) 8.8 -2016-10-27
CVE-2016-6444 Cisco Meeting Server 跨站请求伪造漏洞 — Cisco Meeting Server 1.8, 1.9, 2.0 8.8 -2016-10-27
CVE-2016-6445 Cisco Meeting Server 身份验证绕过漏洞 — Cisco Meeting Server (CMS) before 2.0.6 and Acano Server before 1.8.18 and 1.9.x before 1.9.6 9.1 -2016-10-27
CVE-2016-6446 Cisco Meeting Server 信息泄露漏洞 — Cisco Meeting Server 1.8, 1.9, 2.0 7.5 -2016-10-27
CVE-2016-1000112 WordPress contus-video-comments插件远程文件上传漏洞 — n/a 9.1 -2016-10-06
CVE-2016-1000123 Joomla! Huge-IT Video Gallery扩展SQL注入漏洞 — n/a 9.8 -2016-10-06
CVE-2016-1000124 Joomla! Huge-IT Portfolio Gallery插件SQL注入漏洞 — n/a 9.8 -2016-10-06
CVE-2016-1000125 Joomla! Huge-IT Catalog扩展SQL注入漏洞 — n/a 9.8 -2016-10-06
CVE-2016-1421 Cisco IP 8800 缓冲区错误漏洞 — Cisco IP PhonesCWE-119 9.1 -2016-06-10
CVE-2015-1772 Apache Hive HiveServer2接口授权问题漏洞 — n/a 9.1 -2015-12-21
CVE-2015-8214 Siemens多款产品 权限许可和访问控制问题漏洞 — n/a 9.1 -2015-11-27
CVE-2014-3612 Apache ActiveMQ 授权问题漏洞 — n/a 8.1 -2015-08-24
CVE-2010-5308 GE Healthcare Optima MR360 信任管理漏洞 — n/a 6.8 -2015-08-04
CVE-2014-1901 多款Y-Cam产品拒绝服务漏洞 — n/a 9.8 -2015-05-14
CVE-2015-3143 Haxx cURL和libcurl 安全漏洞 — n/a 8.2 -2015-04-24

Vulnerabilities classified as access:pre-auth represent 19065 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.