• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

CVE漏洞

RSS
  • CVE-2021-46462
    CVE-2021-46462
    njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:24 | 回复:0
  • CVE-2021-46463
    CVE-2021-46463
    njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in njs_promise_perform_then().……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:26 | 回复:0
  • CVE-2021-4201
    CVE-2021-4201
    Missing access control in ForgeRock Access Management 7.1.0 and earlier versions on all platforms allows remote unauthenticated attackers to hijack sessions, including potentially admin-level sessions ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:24 | 回复:0
  • CVE-2022-0581
    CVE-2022-0581
    Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:40 | 回复:0
  • CVE-2022-0582
    CVE-2022-0582
    Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:44 | 回复:0
  • CVE-2022-0583
    CVE-2022-0583
    Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:32 | 回复:0
  • CVE-2022-0586
    CVE-2022-0586
    Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:47 | 回复:0
  • CVE-2022-23410
    CVE-2022-23410
    AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:62 | 回复:0
  • CVE-2022-23992
    CVE-2022-23992
    XCOM Data Transport for Windows, Linux, and UNIX 11.6 releases contain a vulnerability due to insufficient input validation that could potentially allow remote attackers to execute arbitrary commands ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:56 | 回复:0
  • CVE-2022-24704
    CVE-2022-24704
    The rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from a buffer overflow vulnerability, whereby user input len is copied into a fixed buffer attr-val.integer without any bound ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:44 | 回复:0
  • CVE-2022-24705
    CVE-2022-24705
    The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:47 | 回复:0
  • CVE-2022-25139
    CVE-2022-25139
    njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in njs_await_fulfilled.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:39 | 回复:0
  • CVE-2022-0580
    CVE-2022-0580
    Improper Access Control in Packagist librenms/librenms prior to 22.2.0.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:30 | 回复:0
  • CVE-2022-21818
    CVE-2022-21818
    NVIDIA License System contains a vulnerability in the installation scripts for the DLS virtual appliance, where a user on a network after signing in to the portal can access other users’ credentials, ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:30 | 回复:0
  • CVE-2021-43952
    CVE-2021-43952
    Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to restore the default configuration of fields via a Cross-Site Request Forgery (CSRF) vulnerability i ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:28 | 回复:0
  • CVE-2021-43950
    CVE-2021-43950
    Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view import source configuration information via a Broken Access Control vulnerabi ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:35 | 回复:0
  • CVE-2021-43953
    CVE-2021-43953
    Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to toggle the Thread Contention and CPU monitoring settings via a Cross-Site Request Forgery (CSRF) vu ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:75 | 回复:0
  • CVE-2021-43940
    CVE-2021-43940
    Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Conflue ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:36 | 回复:0
  • CVE-2021-43941
    CVE-2021-43941
    Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify several resources (including CsvFieldMappingsPage.jspa and ImporterValueMappingsPage.jspa) via a Cross-Site ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:57 | 回复:0
  • CVE-2021-43948
    CVE-2021-43948
    Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view the names of private objects via an Improper Authorization vulnerability in t ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:50 | 回复:0
  • CVE-2022-0587
    CVE-2022-0587
    Improper Authorization in Packagist librenms/librenms prior to 22.2.0.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:44 | 回复:0
  • CVE-2022-0588
    CVE-2022-0588
    Exposure of Sensitive Information to an Unauthorized Actor in Packagist librenms/librenms prior to 22.2.0.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:39 | 回复:0
  • CVE-2022-0589
    CVE-2022-0589
    Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.1.0.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:41 | 回复:0
  • CVE-2021-46557
    CVE-2021-46557
    Vicidial 2.14-783a was discovered to contain a cross-site scripting (XSS) vulnerability via the input tabs.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:55 | 回复:0
  • CVE-2021-46558
    CVE-2021-46558
    Multiple cross-site scripting (XSS) vulnerabilities in the Add User module of Issabel PBX 20200102 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the use ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:94 | 回复:0
  • CVE-2022-23317
    CVE-2022-23317
    CobaltStrike =4.5 HTTP(S) listener does not determine whether the request URL begins with /, and attackers can obtain relevant information by specifying the URL.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:56 | 回复:0
  • CVE-2022-23384
    CVE-2022-23384
    YzmCMS v6.3 is affected by Cross Site Request Forgery (CSRF) in /admin.add……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:45 | 回复:0
  • CVE-2021-41552
    CVE-2021-41552
    CommScope SURFboard SBG6950AC2 9.1.103AA23 devices allow Command Injection.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:43 | 回复:0
  • CVE-2021-42712
    CVE-2021-42712
    Splashtop Streamer through 3.4.8.3 creates a Temporary File in a Directory with Insecure Permissions.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:34 | 回复:0
  • CVE-2021-43734
    CVE-2021-43734
    kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:24 | 回复:0
  • CVE-2022-0596
    CVE-2022-0596
    Business Logic Errors in Packagist microweber/microweber prior to 1.2.11.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:33 | 回复:0
  • CVE-2022-0597
    CVE-2022-0597
    Open Redirect in Packagist microweber/microweber prior to 1.2.11.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:29 | 回复:0
  • CVE-2022-24586
    CVE-2022-24586
    A stored cross-site scripting (XSS) vulnerability in the component /core/admin/categories.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the co ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:21 | 回复:0
  • CVE-2022-24227
    CVE-2022-24227
    A cross-site scripting (XSS) vulnerability in BoltWire v7.10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the name and lastname parameters.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:20 | 回复:0
  • CVE-2022-24684
    CVE-2022-24684
    HashiCorp Nomad and Nomad Enterprise before 1.0.17, 1.1.x before 1.1.12, and 1.2.x before 1.2.6 has Uncontrolled Resource Consumption.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:20 | 回复:0
  • CVE-2021-44960
    CVE-2021-44960
    In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resultin ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:18 | 回复:0
  • CVE-2022-21698
    CVE-2022-21698
    client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to ve ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:17 | 回复:0
  • CVE-2022-23604
    CVE-2022-23604
    x26-Cogs is a repository of cogs made by Twentysix for the Red Discord bot. Among these cogs is the Defender cog, a tool for Discord server moderation. A vulnerability in the Defender cog prior to ver ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:17 | 回复:0
  • CVE-2022-24226
    CVE-2022-24226
    Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:10 | 回复:0
  • CVE-2022-24585
    CVE-2022-24585
    A stored cross-site scripting (XSS) vulnerability in the component /core/admin/comment.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the autho ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap