CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-1231

XSS via Embedded SVG in SVG Diagram Format in GitHub repository plantuml/plantuml prior to 1.2022.4. Stored XSS in the context of the diagram embedder. Depending on the actual context, this ranges fro ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：19 | 回复：0
CVE-2022-20622

A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to re ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：19 | 回复：0
CVE-2022-20661

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：19 | 回复：0
CVE-2022-20676

A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root-level privileges. This ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：23 | 回复：0
CVE-2022-20677

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：21 | 回复：0
CVE-2022-20678

A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) conditio ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：21 | 回复：0
CVE-2022-20679

A vulnerability in the IPSec decryption routine of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) c ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：23 | 回复：0
CVE-2022-20681

A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：24 | 回复：0
CVE-2022-20682

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthen ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：32 | 回复：0
CVE-2022-20683

A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：27 | 回复：0
CVE-2022-20684

A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticat ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：24 | 回复：0
CVE-2022-20692

A vulnerability in the NETCONF over SSH feature of Cisco IOS XE Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service condition (DoS) on an affected device ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：21 | 回复：0
CVE-2022-20693

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to ins ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：22 | 回复：0
CVE-2022-20694

A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Border Gateway Prot ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：24 | 回复：0
CVE-2022-20695

A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to bypass authentication controls and log in to the ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：23 | 回复：0
CVE-2022-20697

A vulnerability in the web services interface of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerabi ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：23 | 回复：0
CVE-2022-20714

A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the line card ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：22 | 回复：0
CVE-2022-20716

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper access control on files within the ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：27 | 回复：0
CVE-2022-20717

A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (Do ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：38 | 回复：0
CVE-2022-20718

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：27 | 回复：0
CVE-2022-20719

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：31 | 回复：0
CVE-2022-20720

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：24 | 回复：0
CVE-2022-20721

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：19 | 回复：0
CVE-2022-20722

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：20 | 回复：0
CVE-2022-20723

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：21 | 回复：0
CVE-2022-20724

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：20 | 回复：0
CVE-2022-20725

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：20 | 回复：0
CVE-2022-20726

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：18 | 回复：0
CVE-2022-20727

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, ex ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：16 | 回复：0
CVE-2022-20731

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：16 | 回复：0
CVE-2022-20735

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affec ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：16 | 回复：0
CVE-2022-20739

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：17 | 回复：0
CVE-2022-20747

A vulnerability in the History API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected system. This vulnerability is d ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：17 | 回复：0
CVE-2022-20758

A vulnerability in the implementation of the Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：18 | 回复：0
CVE-2022-20761

A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an unauthenticated, adjacent attacker to cause a denia ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：19 | 回复：0
CVE-2022-27043

Yearning versions 2.3.1 and 2.3.2 Interstellar GA and 2.3.4 - 2.3.6 Neptune is vulnerable to Directory Traversal.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：18 | 回复：0
CVE-2022-21159

A denial of service vulnerability exists in the parseNormalModeParameters functionality of MZ Automation GmbH libiec61850 1.5.0. A specially-crafted series of network requests can lead to denial of se ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：22 | 回复：0
CVE-2022-23865

Nyron 1.0 is affected by a SQL injection vulnerability through Nyron/Library/Catalog/winlibsrch.aspx. To exploit this vulnerability, an attacker must inject ' on the thes1 parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：20 | 回复：0
CVE-2022-27115

In Studio-42 elFinder 2.1.60, there is a vulnerability that causes remote code execution through file name bypass for file upload.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：50 | 回复：0
CVE-2021-37291

An SQL Injection vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 ivia the input_id POST parameter in index.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：84 | 回复：0