• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞CVE漏洞

CVE漏洞

RSS
  • CVE-2022-34889
    CVE-2022-34889
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 17.1.1 (51537). An attacker must first obtain the ability to execute high-privileged cod ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:617 | 回复:0
  • CVE-2022-34890
    CVE-2022-34890
    This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 17.1.1 (51537). An attacker must first obtain the ability to execute low-priv ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:829 | 回复:0
  • CVE-2022-34891
    CVE-2022-34891
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privi ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:629 | 回复:0
  • CVE-2022-34892
    CVE-2022-34892
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privi ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:514 | 回复:0
  • CVE-2022-34899
    CVE-2022-34899
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:1858 | 回复:0
  • CVE-2022-34900
    CVE-2022-34900
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.3 (39313) Agent. An attacker must first obtain the ability to execute low-privileged ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:568 | 回复:0
  • CVE-2022-34901
    CVE-2022-34901
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:564 | 回复:0
  • CVE-2022-34902
    CVE-2022-34902
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:579 | 回复:0
  • CVE-2022-35741
    CVE-2022-35741
    Apache CloudStack version 4.5.0 and later has a SAML 2.0 authentication Service Provider plugin which is found to be vulnerable to XML external entity (XXE) injection. This plugin is not enabled by de ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:1001 | 回复:0
  • CVE-2021-42755
    CVE-2021-42755
    An integer overflow / wraparound vulnerability in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:1077 | 回复:0
  • CVE-2021-44170
    CVE-2021-44170
    A stack-based buffer overflow vulnerability in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or com ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:717 | 回复:0
  • CVE-2022-1565
    CVE-2022-1565
    The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wp_all_import_get_gz.php file in versions up to, and including, 3.6.7. This makes it possib ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:864 | 回复:0
  • CVE-2022-1912
    CVE-2022-1912
    The Button Widget Smartsoft plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing nonce validation on the smartsoftbutton_set ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:984 | 回复:0
  • CVE-2022-22304
    CVE-2022-22304
    An improper neutralization of input during web page generation vulnerability in FortiAuthenticator OWA Agent for Microsoft version 2.2 and 2.1 may allow an unauthenticated attacker to perform an XSS ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:515 | 回复:0
  • CVE-2022-23745
    CVE-2022-23745
    A potential memory corruption issue was found in Capsule Workspace Android app (running on GrapheneOS). This could result in application crashing but could not be used to gather any sensitive informat ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:1068 | 回复:0
  • CVE-2022-2001
    CVE-2022-2001
    The DX Share Selection plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.4. This is due to missing nonce protection on the dxss_admin_page() function ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:606 | 回复:0
  • CVE-2022-2039
    CVE-2022-2039
    The Free Live Chat Support plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.0.11. This is due to missing nonce protection on the livesupporti_setting ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:686 | 回复:0
  • CVE-2022-2101
    CVE-2022-2101
    The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `file` parameter in versions up to, and including, 3.2.46 due to insufficient input sanitization and outp ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:543 | 回复:0
  • CVE-2022-2108
    CVE-2022-2108
    The plugin Wbcom Designs – BuddyPress Group Reviews for WordPress is vulnerable to unauthorized settings changes and review modification due to missing capability checks and improper nonce checks in ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:557 | 回复:0
  • CVE-2022-2117
    CVE-2022-2117
    The GiveWP plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions up to, and including, 2.20.2 via the /donor-wall REST-API endpoint which provides unauthenticated users wi ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:538 | 回复:0
  • CVE-2022-2223
    CVE-2022-2223
    The WordPress plugin Image Slider is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.1.121 due to failure to properly check for the existence of a nonce in the function ewi ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:1291 | 回复:0
  • CVE-2022-2224
    CVE-2022-2224
    The WordPress plugin Gallery for Social Photo is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.0.0.27 due to failure to properly check for the existence of a nonce in the ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:1670 | 回复:0
  • CVE-2022-2435
    CVE-2022-2435
    The AnyMind Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.1. This is due to missing nonce protection on the createDOMStructure() function f ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:1020 | 回复:0
  • CVE-2022-2437
    CVE-2022-2437
    The Feed Them Social – for Twitter feed, Youtube and more plugin for WordPress is vulnerable to deserialization of untrusted input via the 'fts_url' parameter in versions up to, and including ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:578 | 回复:0
  • CVE-2022-2443
    CVE-2022-2443
    The FreeMind WP Browser plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.2. This is due to missing nonce protection on the FreemindOptions() function ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:808 | 回复:0
  • CVE-2022-2444
    CVE-2022-2444
    The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to deserialization of untrusted input via the 'remote_data' parameter in versions up to, and includin ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:569 | 回复:0
  • CVE-2022-32387
    CVE-2022-32387
    In Kentico before 13.0.66, attackers can achieve Denial of Service via a crafted request to the GetResource handler.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:522 | 回复:0
  • CVE-2021-22131
    CVE-2021-22131
    A improper validation of certificate with host mismatch in Fortinet FortiTokenAndroid version 5.0.3 and below, Fortinet FortiTokeniOS version 5.2.0 and below, Fortinet FortiTokenWinApp version 4.0.3 a ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:465 | 回复:0
  • CVE-2021-29788
    CVE-2021-29788
    IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus a ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:530 | 回复:0
  • CVE-2021-29790
    CVE-2021-29790
    IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus a ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:598 | 回复:0
  • CVE-2021-29799
    CVE-2021-29799
    IBM Engineering Requirements Quality Assistant On-Premises (All versions) could allow an authenticated user to obtain sensitive information due to improper client side validation. IBM X-Force ID: 2037 ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:569 | 回复:0
  • CVE-2021-38868
    CVE-2021-38868
    IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transm ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:588 | 回复:0
  • CVE-2021-41031
    CVE-2021-41031
    A relative path traversal vulnerability in FortiClient for Windows versions 7.0.2 and prior, 6.4.6 and prior and 6.2.9 and below may allow a local unprivileged attacker to escalate their privileges t ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:627 | 回复:0
  • CVE-2022-22445
    CVE-2022-22445
    An attacker that gains service access to the FSP (POWER9 only) or gains admin authority to a partition can compromise partition firmware.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:650 | 回复:0
  • CVE-2022-23438
    CVE-2022-23438
    An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in FortiOS version 7.0.5 and prior and 6.4.9 and prior may allow an unauthenticated remot ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:601 | 回复:0
  • CVE-2022-26117
    CVE-2022-26117
    An empty password in configuration file vulnerability in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.3 an ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:944 | 回复:0
  • CVE-2022-26118
    CVE-2022-26118
    A privilege chaining vulnerability in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4.0 through 6.4.7, 7.0.0 through 7.0.3 may allow a local and authenticated attacker with a restricted shell to esc ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:894 | 回复:0
  • CVE-2022-26120
    CVE-2022-26120
    Multiple improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerabilities in FortiADC management interface 7.0.0 through 7.0.1, 5.0.0 through 6.2.2 may all ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:521 | 回复:0
  • CVE-2022-28669
    CVE-2022-28669
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:1086 | 回复:0
  • CVE-2022-28670
    CVE-2022-28670
    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in t ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:563 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap