CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-44487

An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of NULL checks in calls to ious_open in sr_unix/ious_open.c allows attackers to crash the application by dereferencing a NULL poin ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：29 | 回复：0
CVE-2021-44488

An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can control the size and input to calls to memcpy in op_fnfnumber in sr_port/op_fnfnumber.c in order to co ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：28 | 回复：0
CVE-2021-44489

An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can cause an integer underflow of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c in order to ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：23 | 回复：0
CVE-2021-44490

An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can cause a calculation of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c to result in an ext ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：20 | 回复：0
CVE-2021-44491

An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can cause a calculation of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c to result in an ext ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：22 | 回复：0
CVE-2021-44492

An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, attackers can cause a type to be incorrectly initialized in the function f_incr in sr_ ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：26 | 回复：0
CVE-2021-44493

An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size o ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：32 | 回复：0
CVE-2021-44494

An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause calls to ZRead to crash due to a NULL pointer dereference.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：45 | 回复：0
CVE-2021-44495

An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a NULL pointer dereference after calls to ZPrint.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：46 | 回复：0
CVE-2021-44496

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can control the size variable and buffer that is passed to a call to memcpy. A ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：63 | 回复：0
CVE-2021-44497

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, can cause the bounds of a for loop to be miscalculated, which leads to a use after free co ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：135 | 回复：0
CVE-2021-44498

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, attackers can cause a type to be incorrectly initialized in the function f_incr in sr_port ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：69 | 回复：0
CVE-2021-44499

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：50 | 回复：0
CVE-2021-44500

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of input validation in calls to eb_div in sr_port/eb_muldiv.c allows attackers to crash the application ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：42 | 回复：0
CVE-2021-44501

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause calls to ZRead to crash due to a NULL pointer dereference.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：33 | 回复：0
CVE-2021-44502

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can control the size of a memset that occurs in calls to util_format in sr_uni ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：36 | 回复：0
CVE-2021-44503

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to va_arg on an empty variadic parameter list, most likely ca ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：24 | 回复：0
CVE-2021-44504

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a size variable, stored as an signed int, to equal an extremely larg ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：26 | 回复：0
CVE-2021-44505

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a NULL pointer dereference after calls to ZPrint.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：27 | 回复：0
CVE-2021-44506

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of input validation in calls to do_verify in sr_unix/do_verify.c allows attackers to attempt to jump to ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：27 | 回复：0
CVE-2021-44507

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of parameter validation in calls to memcpy in str_tok in sr_unix/ztimeoutroutines.c allows attackers to ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：29 | 回复：0
CVE-2021-44508

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of NULL checks in calls to ious_open in sr_unix/ious_open.c allows attackers to crash the application by ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：32 | 回复：0
CVE-2021-44509

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, attackers can cause an integer underflow of the size of calls to memset in op_fnj3 in sr_p ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：45 | 回复：0
CVE-2021-44510

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, attackers can cause a calculation of the size of calls to memset in op_fnj3 in sr_port/op_ ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：50 | 回复：0
CVE-2022-27157

pearweb 1.32 is suffers from a Weak Password Recovery Mechanism via include/users/passwordmanage.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：42 | 回复：0
CVE-2022-27158

pearweb 1.32 suffers from Deserialization of Untrusted Data.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：49 | 回复：0
CVE-2022-27257

A PHP Local File Inclusion vulneraility in the default Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：57 | 回复：0
CVE-2022-27365

Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Dance.php_del.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：43 | 回复：0
CVE-2022-27366

Cscms Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the component dance_Dance.php_hy.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：44 | 回复：0
CVE-2022-27367

Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Topic.php_del.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：31 | 回复：0
CVE-2022-27368

Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Lists.php_zhuan.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：39 | 回复：0
CVE-2022-27369

Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component news_News.php_hy.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：35 | 回复：0
CVE-2022-21983

Win32 Stream Enumeration Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24534.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：39 | 回复：0
CVE-2022-22008

Windows Hyper-V Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22009, CVE-2022-23257, CVE-2022-24537.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：31 | 回复：0
CVE-2022-22009

Windows Hyper-V Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22008, CVE-2022-23257, CVE-2022-24537.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：35 | 回复：0
CVE-2022-23257

Windows Hyper-V Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22008, CVE-2022-22009, CVE-2022-24537.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：33 | 回复：0
CVE-2022-23259

Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：39 | 回复：0
CVE-2022-23268

Windows Hyper-V Denial of Service Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：36 | 回复：0
CVE-2022-23292

Microsoft Power BI Spoofing Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：36 | 回复：0
CVE-2022-24472

Microsoft SharePoint Server Spoofing Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：39 | 回复：0