• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

CVE漏洞

RSS
  • CVE-2022-0571
    CVE-2022-0571
    Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:15 | 回复:0
  • CVE-2022-0572
    CVE-2022-0572
    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:14 | 回复:0
  • CVE-2022-0575
    CVE-2022-0575
    Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.2.0.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:13 | 回复:0
  • CVE-2022-0576
    CVE-2022-0576
    Cross-site Scripting (XSS) - Generic in Packagist librenms/librenms prior to 22.1.0.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:13 | 回复:0
  • CVE-2022-24110
    CVE-2022-24110
    Kiteworks MFT 7.5 may allow an unauthorized user to reset other users' passwords. This is fixed in version 7.6 and later.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:10 | 回复:0
  • CVE-2022-24976
    CVE-2022-24976
    Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:9 | 回复:0
  • CVE-2022-24977
    CVE-2022-24977
    ImpressCMS before 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:10 | 回复:0
  • CVE-2021-45420
    CVE-2021-45420
    ** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:11 | 回复:0
  • CVE-2021-45421
    CVE-2021-45421
    ** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the file ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:14 | 回复:0
  • CVE-2022-24686
    CVE-2022-24686
    HashiCorp Nomad and Nomad Enterprise 0.3.0 through 1.0.17, 1.1.11, and 1.2.5 artifact download functionality has a race condition such that the Nomad client agent could download the wrong artifact int ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:12 | 回复:0
  • CVE-2021-46371
    CVE-2021-46371
    antd-admin 5.5.0 is affected by an incorrect access control vulnerability. Unauthorized access to some interfaces in the foreground leads to leakage of sensitive information.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:13 | 回复:0
  • CVE-2022-0512
    CVE-2022-0512
    Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:18 | 回复:0
  • CVE-2021-45392
    CVE-2021-45392
    A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in page /goform/setIPv6Status via the prefixDelegate parameter, which causes a Denial of Service.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:15 | 回复:0
  • CVE-2021-39079
    CVE-2021-39079
    IBM Cognos Analytics Mobile for Android applications prior to version 1.1.14 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thu ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:20 | 回复:0
  • CVE-2021-39080
    CVE-2021-39080
    Due to weak obfuscation, IBM Cognos Analytics Mobile for Android application prior to version 1.1.14 , an attacker could be able to reverse engineer the codebase to gain knowledge about the programmin ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:20 | 回复:0
  • CVE-2022-22854
    CVE-2022-22854
    An access control issue in hprms/admin/?page=user/list of Hospital Patient Record Management System v1.0 allows attackers to escalate privileges via accessing and editing the user list.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:19 | 回复:0
  • CVE-2022-23367
    CVE-2022-23367
    Fulusso v1.1 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability in /BindAccount/SuccessTips.js. This vulnerability allows attackers to inject malicious code into a victim u ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:18 | 回复:0
  • CVE-2021-45346
    CVE-2021-45346
    A Memory Leak vulnerabilty exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subse ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:19 | 回复:0
  • CVE-2021-45347
    CVE-2021-45347
    An Incorrect Access Control vulnerability exists in zzcms 8.2, which lets a malicious user bypass authentication by changing the user name in the cookie to use any password.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:16 | 回复:0
  • CVE-2022-0579
    CVE-2022-0579
    Improper Privilege Management in Packagist snipe/snipe-it prior to 5.3.9.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:17 | 回复:0
  • CVE-2022-25150
    CVE-2022-25150
    In Malwarebytes Binisoft Windows Firewall Control before 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:19 | 回复:0
  • CVE-2019-16864
    CVE-2019-16864
    CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:21 | 回复:0
  • CVE-2021-43106
    CVE-2021-43106
    A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online (TWO) 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause t ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:17 | 回复:0
  • CVE-2021-45348
    CVE-2021-45348
    An Arbitrary File Deletion vulnerability exists in SourceCodester Attendance Management System v1.0 via the csv parameter in admin/pageUploadCSV.php, which can cause a Denial of Service (crash).……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:19 | 回复:0
  • CVE-2022-24988
    CVE-2022-24988
    In galois_2p8 before 0.1.2, PrimitivePolynomialField::new has an off-by-one buffer overflow for a vector.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:18 | 回复:0
  • CVE-2019-25057
    CVE-2019-25057
    In Corda before 4.1, the meaning of serialized data can be modified via an attacker-controlled CustomSerializer.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:18 | 回复:0
  • CVE-2021-45310
    CVE-2021-45310
    Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information disclosure vulnerability due to an improper access restriction. Users information such as first name, last name, ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:16 | 回复:0
  • CVE-2022-22295
    CVE-2022-22295
    Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in parameter_admin.class.php via the table_para parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:16 | 回复:0
  • CVE-2022-23335
    CVE-2022-23335
    Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in language_general.class.php via doModifyParameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:18 | 回复:0
  • CVE-2022-23336
    CVE-2022-23336
    S-CMS v5.0 was discovered to contain a SQL injection vulnerability in member_pay.php via the O_id parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:17 | 回复:0
  • CVE-2022-23337
    CVE-2022-23337
    DedeCMS v5.7.87 was discovered to contain a SQL injection vulnerability in article_coonepage_rule.php via the ids parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:20 | 回复:0
  • CVE-2022-23389
    CVE-2022-23389
    PublicCMS v4.0 was discovered to contain a remote code execution (RCE) vulnerability via the cmdarray parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:18 | 回复:0
  • CVE-2022-23390
    CVE-2022-23390
    An issue in the getType function of BBS Forum v5.3 and below allows attackers to upload arbitrary files.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:23 | 回复:0
  • CVE-2022-23391
    CVE-2022-23391
    A cross-site scripting (XSS) vulnerability in Pybbs v6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Search box.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:19 | 回复:0
  • CVE-2022-23637
    CVE-2022-23637
    K-Box is a web-based application to manage documents, images, videos and geodata. Prior to version 0.33.1, a stored Cross-Site-Scripting (XSS) vulnerability is present in the markdown editor used by t ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:18 | 回复:0
  • CVE-2022-23638
    CVE-2022-23638
    svg-sanitizer is a SVG/XML sanitizer written in PHP. A cross-site scripting vulnerability impacts all users of the `svg-sanitizer` library prior to version 0.15.0. This issue is fixed in version 0.15. ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:18 | 回复:0
  • CVE-2022-23902
    CVE-2022-23902
    Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via the d_name parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:23 | 回复:0
  • CVE-2022-24206
    CVE-2022-24206
    Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal/get_seal.php via the DEVICE_LIST parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:18 | 回复:0
  • CVE-2021-45005
    CVE-2021-45005
    Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:22 | 回复:0
  • CVE-2021-46461
    CVE-2021-46461
    njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_vmcode.c.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:22 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap