CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-29140

Windows Print Spooler Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29114.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：40 | 回复：0
CVE-2022-29141

Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29 ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：32 | 回复：0
CVE-2022-29142

Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29133.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：38 | 回复：0
CVE-2022-29145

.NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29117.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：37 | 回复：0
CVE-2022-29148

Visual Studio Remote Code Execution Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：41 | 回复：0
CVE-2022-29150

Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29135, CVE-2022-29151.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：41 | 回复：0
CVE-2022-29151

Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29135, CVE-2022-29150.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：51 | 回复：0
CVE-2022-30129

Visual Studio Code Remote Code Execution Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：49 | 回复：0
CVE-2022-30130

.NET Framework Denial of Service Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：48 | 回复：0
CVE-2022-26116

Multiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerability in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：47 | 回复：0
CVE-2020-19228

An issue was found in bludit v3.13.0, unsafe implementation of the backup plugin allows attackers to upload arbitrary files.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：55 | 回复：0
CVE-2021-3254

Asus DSL-N14U-B1 1.1.2.3_805 allows remote attackers to cause a Denial of Service (DoS) via a TCP SYN scan using nmap.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：59 | 回复：0
CVE-2022-29316

Complete Online Job Search System v1.0 was discovered to contain a SQL injection vulnerability via /eris/index.php?q=resultsearchfor=advancesearch.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：58 | 回复：0
CVE-2022-29317

Simple Bus Ticket Booking System v1.0 was discovered to contain multiple SQL injection vulnerbilities via the username and password parameters at /assets/partials/_handleLogin.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：57 | 回复：0
CVE-2022-29318

An arbitrary file upload vulnerability in the New Entry module of Car Rental Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：83 | 回复：0
CVE-2022-29655

An arbitrary file upload vulnerability in the Upload Photos module of Wedding Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：105 | 回复：0
CVE-2022-29656

Wedding Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Wedding-Management/package_detail.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：139 | 回复：0
CVE-2022-29727

Survey Sparrow Enterprise Survey Software 2022 has a Stored cross-site scripting (XSS) vulnerability in the Signup parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：228 | 回复：0
CVE-2022-29728

Survey Sparrow Enterprise Survey Software 2022 has a Reflected cross-site scripting (XSS) vulnerability in the test parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：129 | 回复：0
CVE-2022-29975

An Authenticated Reflected Cross-site scripting at CC Parameter was discovered in MDaemon before 22.0.0 .……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：91 | 回复：0
CVE-2022-29976

An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0 .……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：86 | 回复：0
CVE-2022-28077

Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：91 | 回复：0
CVE-2022-28078

Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：133 | 回复：0
CVE-2022-29006

Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allows attackers to bypass authentication.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：151 | 回复：0
CVE-2022-29007

Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allows attackers to bypass authentication.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：107 | 回复：0
CVE-2022-29008

An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：79 | 回复：0
CVE-2022-29009

Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：76 | 回复：0
CVE-2022-29932

The HTTP Server in PRIMEUR SPAZIO 2.5.1.954 (File Transfer) allows an unauthenticated attacker to obtain sensitive data (related to the content of transferred files) via a crafted HTTP request.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：63 | 回复：0
CVE-2022-29977

There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a craft ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：69 | 回复：0
CVE-2022-29978

There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a c ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：57 | 回复：0
CVE-2021-34605

A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vuln ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：49 | 回复：0
CVE-2021-34606

A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can allow an authenticated, local attacker to load a malicious DLL. Local access is required to successfully ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：45 | 回复：0
CVE-2021-37851

Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. This issue aff ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：55 | 回复：0
CVE-2021-42651

A Server Side Template Injection (SSTI) vulnerability in Pentest-Collaboration-Framework v1.0.8 allows an authenticated remote attacker to execute arbitrary code through /project/PROJECTNAME/reports/.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：50 | 回复：0
CVE-2021-43081

An improper neutralization of input during web page generation vulnerability in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 an ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：39 | 回复：0
CVE-2021-44167

An incorrect permission assignment for critical resource vulnerability in FortiClient for Linux version 6.0.8 and below, 6.2.9 and below, 6.4.7 and below, 7.0.2 and below may allow an unauthenticated ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：41 | 回复：0
CVE-2022-1124

An improper authorization issue has been discovered in GitLab CE/EE affecting all versions prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0, allowing Guest project members to acc ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：34 | 回复：0
CVE-2022-1352

Due to an insecure direct object reference vulnerability in Gitlab EE/CE affecting all versions from 11.0 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1, an endpoint may reveal the ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：37 | 回复：0
CVE-2022-1406

Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a Developer to read protected Group or Project ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：35 | 回复：0
CVE-2022-1426

An issue has been discovered in GitLab affecting all versions starting from 12.6 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab w ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：40 | 回复：0