• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞CVE漏洞

CVE漏洞

RSS
  • CVE-2022-21478
    CVE-2022-21478
    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privil ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:59 | 回复:0
  • CVE-2022-21479
    CVE-2022-21479
    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privil ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:50 | 回复:0
  • CVE-2022-21480
    CVE-2022-21480
    Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: User Interface). Supported versions that are affected are 6.4.3 and 6.5.1. Easily exploitable vulnerabi ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:56 | 回复:0
  • CVE-2022-21481
    CVE-2022-21481
    Vulnerability in the PeopleSoft Enterprise FIN Cash Management product of Oracle PeopleSoft (component: Financial Gateway). The supported version that is affected is 9.2. Easily exploitable vulnerabil ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:61 | 回复:0
  • CVE-2022-21482
    CVE-2022-21482
    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows high priv ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:54 | 回复:0
  • CVE-2022-21483
    CVE-2022-21483
    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and p ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:84 | 回复:0
  • CVE-2022-21484
    CVE-2022-21484
    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and p ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:78 | 回复:0
  • CVE-2022-21485
    CVE-2022-21485
    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and p ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:52 | 回复:0
  • CVE-2022-21486
    CVE-2022-21486
    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and p ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:50 | 回复:0
  • CVE-2022-21487
    CVE-2022-21487
    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.34. Easily exploitable vulnerability allows low pri ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:85 | 回复:0
  • CVE-2022-21488
    CVE-2022-21488
    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.34. Easily exploitable vulnerability allows low pri ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:41 | 回复:0
  • CVE-2022-21489
    CVE-2022-21489
    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and p ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:50 | 回复:0
  • CVE-2022-21490
    CVE-2022-21490
    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and p ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:49 | 回复:0
  • CVE-2022-21491
    CVE-2022-21491
    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.34. Easily exploitable vulnerability allows low pri ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:70 | 回复:0
  • CVE-2022-21492
    CVE-2022-21492
    Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Server). The supported version that is affected is 5.9.0.0.0. Easily expl ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:82 | 回复:0
  • CVE-2022-21493
    CVE-2022-21493
    Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with lo ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:114 | 回复:0
  • CVE-2022-21494
    CVE-2022-21494
    Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacker with ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:85 | 回复:0
  • CVE-2022-21496
    CVE-2022-21496
    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0 ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:78 | 回复:0
  • CVE-2022-21497
    CVE-2022-21497
    Vulnerability in the Oracle Web Services Manager product of Oracle Fusion Middleware (component: Web Services Security). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily expl ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:64 | 回复:0
  • CVE-2022-21498
    CVE-2022-21498
    Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:122 | 回复:0
  • CVE-2022-25788
    CVE-2022-25788
    A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:44 | 回复:0
  • CVE-2022-27527
    CVE-2022-27527
    A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files. It was fixed in PDFTron earlier than 9.0.7 version in Autodesk Navisworks 2022.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:50 | 回复:0
  • CVE-2022-27862
    CVE-2022-27862
    Arbitrary File Upload leading to RCE in E4J s.r.l. VikBooking Hotel Booking Engine PMS plugin = 1.5.3 on WordPress allows attackers to upload and execute dangerous file types (e.g. PHP shell) via the ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:51 | 回复:0
  • CVE-2022-27863
    CVE-2022-27863
    Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel Booking Engine PMS plugin = 1.5.3 on WordPress allows attackers to get the booking data by guessing / brute-forcing easy predictable book ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:44 | 回复:0
  • CVE-2022-28221
    CVE-2022-28221
    The CleanTalk AntiSpam plugin = 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST parameter in`/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Comments.php`……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:48 | 回复:0
  • CVE-2022-28222
    CVE-2022-28222
    The CleanTalk AntiSpam plugin = 5.173 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST parameter in`/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Users.php`……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:33 | 回复:0
  • CVE-2021-3100
    CVE-2021-3100
    The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.1-13 didn’t mimic the permissions of the JVM being patched, allowing it to escalate privileges.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:37 | 回复:0
  • CVE-2021-3101
    CVE-2021-3101
    Hotdog, prior to v1.0.1, did not mimic the capabilities or the SELinux label of the target JVM process. This would allow a container to gain full privileges on the host, bypassing restrictions set on ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:34 | 回复:0
  • CVE-2022-0070
    CVE-2022-0070
    Incomplete fix for CVE-2021-3100. The Apache Log4j hotpatch package starting with log4j-cve-2021-44228-hotpatch-1.1-16 will now explicitly mimic the Linux capabilities and cgroups of the target Java p ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:36 | 回复:0
  • CVE-2022-0071
    CVE-2022-0071
    Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. This would allow a container to exhaust ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:40 | 回复:0
  • CVE-2022-24858
    CVE-2022-24858
    next-auth v3 users before version 3.29.2 are impacted. next-auth version 4 users before version 4.3.2 are also impacted. Upgrading to 3.29.2 or 4.3.2 will patch this vulnerability. If you are not able ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:43 | 回复:0
  • CVE-2022-24826
    CVE-2022-24826
    On Windows, if Git LFS operates on a malicious repository with a `..exe` file as well as a file named `git.exe`, and `git.exe` is not found in `PATH`, the `..exe` program will be executed, permitting ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:49 | 回复:0
  • CVE-2022-24860
    CVE-2022-24860
    Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Use of Hard-coded Cryptographic Key vulnerability. An attacker can use hard coding to generate l ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:48 | 回复:0
  • CVE-2022-27629
    CVE-2022-27629
    Cross-site request forgery (CSRF) vulnerability in 'MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership' versions prior to 1.9.6 allows a remote unauthenticated attacker ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:46 | 回复:0
  • CVE-2022-29266
    CVE-2022-29266
    In APache APISIX before 3.13.1, the jwt-auth plugin has a security issue that leaks the user's secret key because the error message returned from the dependency lua-resty-jwt contains sensitive in ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:49 | 回复:0
  • CVE-2022-24675
    CVE-2022-24675
    encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:108 | 回复:0
  • CVE-2022-27536
    CVE-2022-27536
    Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client t ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:41 | 回复:0
  • CVE-2022-28327
    CVE-2022-28327
    The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:39 | 回复:0
  • CVE-2022-29527
    CVE-2022-29527
    Amazon AWS amazon-ssm-agent before 3.1.1208.0 creates a world-writable sudoers file, which allows local attackers to inject Sudo rules and escalate privileges to root. This occurs in certain situation ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:34 | 回复:0
  • CVE-2022-1254
    CVE-2022-1254
    A URL redirection vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.9, 9.x prior to 9.2.20, 8.x prior to 8.2.27, and 7.x prior to 7.8.2.31, and controlled release 11.x prior to 11.1.3 a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 10:16 | 阅读:31 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap