CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-22087

memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indust ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：75 | 回复：0
CVE-2022-22090

Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：96 | 回复：0
CVE-2022-22103

Memory corruption in multimedia driver due to double free while processing data from user in Snapdragon Auto……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：141 | 回复：0
CVE-2022-25651

Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon V ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：93 | 回复：0
CVE-2022-26476

A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum Power 7 (All versions using Shared HIS), Spectrum Power MGMS (All versions using Shared HIS). An unaut ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：93 | 回复：0
CVE-2022-27219

A vulnerability has been identified in SINEMA Remote Connect Server (All versions V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 443. Th ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：69 | 回复：0
CVE-2022-27220

A vulnerability has been identified in SINEMA Remote Connect Server (All versions V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 6220. T ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：40 | 回复：0
CVE-2022-27221

A vulnerability has been identified in SINEMA Remote Connect Server (All versions V3.1). An attacker in machine-in-the-middle could obtain plaintext secret values by observing length differences duri ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：28 | 回复：0
CVE-2022-29034

A vulnerability has been identified in SINEMA Remote Connect Server (All versions V3.1). An error message pop up window in the web interface of the affected application does not prevent injection of ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：22 | 回复：0
CVE-2022-30228

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions V2.6.6), SICAM GridEdge Essential Intel (All versions V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：19 | 回复：0
CVE-2022-30229

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions V2.6.6), SICAM GridEdge Essential Intel (All versions V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：18 | 回复：0
CVE-2022-30230

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions V2.6.6), SICAM GridEdge Essential Intel (All versions V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：17 | 回复：0
CVE-2022-30231

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions V2.6.6), SICAM GridEdge Essential Intel (All versions V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：18 | 回复：0
CVE-2022-30937

A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：15 | 回复：0
CVE-2022-31465

A vulnerability has been identified in Xpedition Designer (All versions VX.2.11). The affected application assigns improper access rights to the service executable. This could allow an authenticated ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：17 | 回复：0
CVE-2022-31619

A vulnerability has been identified in Teamcenter V12.4 (All versions V12.4.0.13), Teamcenter V13.0 (All versions V13.0.0.9), Teamcenter V13.1 (All versions V13.1.0.9), Teamcenter V13.2 (All versio ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：11 | 回复：0
CVE-2022-32145

A vulnerability has been identified in Teamcenter Active Workspace V5.2 (All versions V5.2.9), Teamcenter Active Workspace V6.0 (All versions V6.0.3). A reflected cross-site scripting (XSS) vulnerab ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：11 | 回复：0
CVE-2022-32251

A vulnerability has been identified in SINEMA Remote Connect Server (All versions V3.1). There is a missing authentication verification for a resource used to change the roles and permissions of a us ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：11 | 回复：0
CVE-2022-32252

A vulnerability has been identified in SINEMA Remote Connect Server (All versions V3.1). The application does not perform the integrity check of the update packages. Without validation, an admin user ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：10 | 回复：0
CVE-2022-32253

A vulnerability has been identified in SINEMA Remote Connect Server (All versions V3.1). Due to improper input validation, the OpenSSL certificate's password could be printed to a file reachable ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：10 | 回复：0
CVE-2022-32254

A vulnerability has been identified in SINEMA Remote Connect Server (All versions V3.1). A customized HTTP POST request could force the application to write the status of a given user to a log file, ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：10 | 回复：0
CVE-2022-32255

A vulnerability has been identified in SINEMA Remote Connect Server (All versions V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints. ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：9 | 回复：0
CVE-2022-32256

A vulnerability has been identified in SINEMA Remote Connect Server (All versions V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints. ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：8 | 回复：0
CVE-2022-32258

A vulnerability has been identified in SINEMA Remote Connect Server (All versions V3.1). The affected application contains an older feature that allows to import device configurations via a specific ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：8 | 回复：0
CVE-2022-32259

A vulnerability has been identified in SINEMA Remote Connect Server (All versions V3.1). The system images for installation or update of the affected application contain unit test scripts with sensit ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：8 | 回复：0
CVE-2022-32260

A vulnerability has been identified in SINEMA Remote Connect Server (All versions V3.1). The affected application creates temporary user credentials for UMC (User Management Component) users. An atta ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：8 | 回复：0
CVE-2022-32261

A vulnerability has been identified in SINEMA Remote Connect Server (All versions V3.1). The affected application contains a misconfiguration in the APT update. This could allow an attacker to add in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：6 | 回复：0
CVE-2022-32262

A vulnerability has been identified in SINEMA Remote Connect Server (All versions V3.1). The affected application contains a file upload server that is vulnerable to command injection. An attacker co ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：6 | 回复：0
CVE-2022-32285

A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions V1.16.6), Mendix SAML Module (Mendix 8 compatible) (All versions V2.2.2), Mendix SAML Module (Mendix 9 c ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：7 | 回复：0
CVE-2022-32286

A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions V1.16.6), Mendix SAML Module (Mendix 8 compatible) (All versions V2.2.2), Mendix SAML Module (Mendix 9 c ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：7 | 回复：0
CVE-2021-40633

A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：7 | 回复：0
CVE-2021-40658

Textpattern 4.8.7 is affected by a HTML injection vulnerability through “ContentWriteBody”.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：5 | 回复：0
CVE-2021-40678

In Piwigo 11.5.0, there exists a persistent cross-site scripting in the single mode function through /admin.php?page=batch_managermode=unit.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：5 | 回复：0
CVE-2022-31273

An issue in TopIDP3000 Topsec Operating System tos_3.3.005.665b.15_smpidp allows attackers to perform a brute-force attack via a crafted session_id cookie.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：5 | 回复：0
CVE-2021-40660

An issue was discovered in Delight Nashorn Sandbox 0.2.0. There is an ReDoS vulnerability that can be exploited to launching a denial of service (DoS) attack.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：5 | 回复：0
CVE-2022-27889

The Multipass service was found to have code paths that could be abused to cause a denial of service for authentication or authorization operations. A malicious attacker could perform an application-l ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：5 | 回复：0
CVE-2022-31308

A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows attackers to obtain sensitive router information via execution of the exec cmd function.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：5 | 回复：0
CVE-2022-31309

A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to obtain sensitive router information via execution of the exec cmd function.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：5 | 回复：0
CVE-2022-31311

An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to execute arbitrary commands via a crafted POST request.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：5 | 回复：0
CVE-2022-31845

A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：5 | 回复：0