CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-27761

Weak web transport security (Weak TLS): An attacker may be able to decrypt the data using attacks……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：23 | 回复：0
CVE-2021-27762

Misconfigured security-related HTTP headers: Several security-related headers were missing or mis-configured on the web responses……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：29 | 回复：0
CVE-2021-27764

Cookie without HTTPONLY flag set. NUMBER cookie(s) was set without Secure or HTTPOnly flags. The images show the cookie with the missing flag. (WebUI)……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：23 | 回复：0
CVE-2021-27765

The BigFix Server API installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：32 | 回复：0
CVE-2021-27766

The BigFix Client installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：34 | 回复：0
CVE-2021-27767

The BigFix Console installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability wa ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：42 | 回复：0
CVE-2022-23205

Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current u ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：40 | 回复：0
CVE-2022-23802

Joomla Guru extension 5.2.5 is affected by: Insecure Permissions. The impact is: obtain sensitive information (remote). The component is: Access to private information and components, possibility to v ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：48 | 回复：0
CVE-2022-24098

Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by an improper input validation vulnerability when parsing a PCX file that could result in arbitrary code execution i ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：74 | 回复：0
CVE-2022-24099

Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：158 | 回复：0
CVE-2022-24105

Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current u ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：100 | 回复：0
CVE-2022-27783

Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：89 | 回复：0
CVE-2022-27784

Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：84 | 回复：0
CVE-2022-27909

In Joomla component 'jDownloads 3.9.8.2 Stable' the remote user can change some parameters in the address bar and see the names of other users' files……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：103 | 回复：0
CVE-2022-28270

Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：77 | 回复：0
CVE-2022-28271

Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. E ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：60 | 回复：0
CVE-2022-28272

Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：44 | 回复：0
CVE-2022-28273

Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：28 | 回复：0
CVE-2022-28274

Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：32 | 回复：0
CVE-2022-28275

Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：28 | 回复：0
CVE-2022-28276

Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：25 | 回复：0
CVE-2022-28277

Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：26 | 回复：0
CVE-2022-28278

Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：27 | 回复：0
CVE-2022-28279

Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. E ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：37 | 回复：0
CVE-2022-29422

Multiple Authenticated (admin+) Persistent Cross-Site Scripting (XSS) vulnerabilities in Adam Skaat's Countdown Clock plugin = 2.3.2 at WordPress via ycd-countdown-width, ycd-progress-height, ycd ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：54 | 回复：0
CVE-2022-29423

Pro Features Lock Bypass vulnerability in Countdown Clock plugin = 2.3.2 at WordPress.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：45 | 回复：0
CVE-2021-23592

The package topthink/framework before 6.0.12 are vulnerable to Deserialization of Untrusted Data due to insecure unserialize method in the Driver class.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：53 | 回复：0
CVE-2021-23792

The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 are vulnerable to XML External Entity (XXE) Injection due to an insecurely initialized XML parser for reading XMP Metadata. An attac ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：49 | 回复：0
CVE-2022-25324

All versions of package bignum are vulnerable to Denial of Service (DoS) due to a type-check exception in V8, when verifying the type of the second argument to the .powm function, V8 will crash regard ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：65 | 回复：0
CVE-2022-29180

A vulnerability in which attackers could forge HTTP requests to manipulate the `charm` data directory to access or delete anything on the server. This has been patched and is available in release (htt ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：77 | 回复：0
CVE-2022-30330

In the KeepKey firmware before 7.3.2, the bootloader can be exploited in unusual situations in which the attacker has physical access, convinces the victim to install malicious firmware, or has unspec ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：123 | 回复：0
CVE-2022-30334

Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises N ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：85 | 回复：0
CVE-2022-1616

Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote exe ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：67 | 回复：0
CVE-2018-25033

ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1 (called from stl_remove_degenerate) in connect.c in libadmesh.a.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：65 | 回复：0
CVE-2022-1619

Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote exe ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：53 | 回复：0
CVE-2022-1620

NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：65 | 回复：0
CVE-2022-28470

marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：44 | 回复：0
CVE-2022-28463

ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：41 | 回复：0
CVE-2022-23066

In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation which is caused by improper implementation of sdiv instruction. This can lead to the wrong execution path, resulting in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：48 | 回复：0
CVE-2022-30333

RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRA ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:33 | 阅读：61 | 回复：0