• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞CVE漏洞

CVE漏洞

RSS
  • CVE-2022-24960
    CVE-2022-24960
    A use after free vulnerability was discovered in PDFTron SDK version 9.2.0. A crafted PDF can overwrite RIP with data previously allocated on the heap. This issue affects: PDFTron PDFTron SDK 9.2.0 on ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:69 | 回复:0
  • CVE-2022-24995
    CVE-2022-24995
    Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:58 | 回复:0
  • CVE-2022-25090
    CVE-2022-25090
    Printix Secure Cloud Print Management through 1.3.1106.0 creates a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation because of a race condition.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:76 | 回复:0
  • CVE-2022-25108
    CVE-2022-25108
    Foxit PDF Reader and Editor before 11.2.1 and PhantomPDF before 10.1.7 allow a NULL pointer dereference during PDF parsing because the pointer is used without proper validation.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:102 | 回复:0
  • CVE-2022-25213
    CVE-2022-25213
    Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The same p ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:126 | 回复:0
  • CVE-2022-25214
    CVE-2022-25214
    Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive information concerning devices on the local area network, including IP and MA ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:163 | 回复:0
  • CVE-2022-25215
    CVE-2022-25215
    Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC addresses to (or from) a list of banned hosts. Clients with those MA ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:113 | 回复:0
  • CVE-2022-25217
    CVE-2022-25217
    Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on the local area network to obtain a root shell on the device over telnet. The builds of telnetd_startup i ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:80 | 回复:0
  • CVE-2022-25218
    CVE-2022-25218
    The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control over ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:93 | 回复:0
  • CVE-2022-25219
    CVE-2022-25219
    A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the router, ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:106 | 回复:0
  • CVE-2022-25225
    CVE-2022-25225
    Network Olympus version 1.8.0 allows an authenticated admin user to inject SQL queries in '/api/eventinstance' via the 'sqlparameter' JSON parameter. It is also possible to achieve rem ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:111 | 回复:0
  • CVE-2022-25230
    CVE-2022-25230
    Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:118 | 回复:0
  • CVE-2022-25234
    CVE-2022-25234
    Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by hav ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:79 | 回复:0
  • CVE-2022-25243
    CVE-2022-25243
    Vault and Vault Enterprise 1.8.0 through 1.8.8, and 1.9.3 allowed the PKI secrets engine under certain configurations to issue wildcard certificates to authorized users for a specified domain, even if ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:86 | 回复:0
  • CVE-2022-25244
    CVE-2022-25244
    Vault Enterprise clusters using the tokenization transform feature can expose the tokenization key through the tokenization key configuration endpoint to authorized operators with `read` permissions o ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:62 | 回复:0
  • CVE-2022-25294
    CVE-2022-25294
    Proofpoint Insider Threat Management Agent for Windows relies on an inherently dangerous function that could enable an unprivileged local Windows user to run arbitrary code with SYSTEM privileges. All ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:65 | 回复:0
  • CVE-2022-25325
    CVE-2022-25325
    Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:56 | 回复:0
  • CVE-2022-25368
    CVE-2022-25368
    Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculati ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:77 | 回复:0
  • CVE-2022-25546
    CVE-2022-25546
    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsUser parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:86 | 回复:0
  • CVE-2022-25547
    CVE-2022-25547
    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:100 | 回复:0
  • CVE-2022-25548
    CVE-2022-25548
    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the serverName parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:131 | 回复:0
  • CVE-2022-25549
    CVE-2022-25549
    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsEn parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:88 | 回复:0
  • CVE-2022-25550
    CVE-2022-25550
    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the deviceName parame ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:70 | 回复:0
  • CVE-2022-25551
    CVE-2022-25551
    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsDomain parameter ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:68 | 回复:0
  • CVE-2022-25552
    CVE-2022-25552
    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ssid paramet ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:57 | 回复:0
  • CVE-2022-25553
    CVE-2022-25553
    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsPwd parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:67 | 回复:0
  • CVE-2022-25554
    CVE-2022-25554
    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the deviceId paramete ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:68 | 回复:0
  • CVE-2022-25555
    CVE-2022-25555
    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ntpServer parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:62 | 回复:0
  • CVE-2022-25556
    CVE-2022-25556
    Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42E328. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:50 | 回复:0
  • CVE-2022-25557
    CVE-2022-25557
    Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the urls parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:51 | 回复:0
  • CVE-2022-25558
    CVE-2022-25558
    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetProvince. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ProvinceCode parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:56 | 回复:0
  • CVE-2022-25560
    CVE-2022-25560
    Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_4327CC. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:71 | 回复:0
  • CVE-2022-25561
    CVE-2022-25561
    Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42DE00. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:58 | 回复:0
  • CVE-2022-25566
    CVE-2022-25566
    Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:50 | 回复:0
  • CVE-2022-25814
    CVE-2022-25814
    PendingIntent hijacking vulnerability in Wearable Manager Installer prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIn ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:34 | 回复:0
  • CVE-2022-25815
    CVE-2022-25815
    PendingIntent hijacking vulnerability in Weather application prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:52 | 回复:0
  • CVE-2022-25816
    CVE-2022-25816
    Improper authentication in Samsung Lock and mask apps setting prior to SMR Mar-2022 Release 1 allows attacker to change enable/disable without authentication……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:72 | 回复:0
  • CVE-2022-25817
    CVE-2022-25817
    Improper authentication in One UI Home prior to SMR Mar-2022 Release 1 allows attacker to generate pinned-shortcut without user consent.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:63 | 回复:0
  • CVE-2022-25818
    CVE-2022-25818
    Improper boundary check in UWB stack prior to SMR Mar-2022 Release 1 allows arbitrary code execution.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:40 | 回复:0
  • CVE-2022-25819
    CVE-2022-25819
    OOB read vulnerability in hdcp2 device node prior to SMR Mar-2022 Release 1 allow an attacker to view Kernel stack memory.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:51 | 阅读:44 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap