• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

CVE漏洞

RSS
  • CVE-2022-21815
    CVE-2022-21815
    NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mo ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2022-21816
    CVE-2022-21816
    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a user in the guest OS can cause a GPU interrupt storm on the hypervisor host, leading to a denial of servic ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2021-3835
    CVE-2021-3835
    Buffer overflow in usb device class. Zephyr versions = v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/G ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2021-3861
    CVE-2021-3861
    The RNDIS USB device class includes a buffer overflow vulnerability. Zephyr versions = v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-r ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:16 | 回复:0
  • CVE-2021-45281
    CVE-2021-45281
    QuickBox Pro v2.4.8 contains a cross-site scripting (XSS) vulnerability at adminuseredit.php?usertoedit=XSS, as the user supplied input for the value of this parameter is not properly sanitized.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2022-21712
    CVE-2022-21712
    twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in t ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2022-23613
    CVE-2022-23613
    xrdp is an open source remote desktop protocol (RDP) server. In affected versions an integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker which is able ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2022-23623
    CVE-2022-23623
    Frourio is a full stack framework, for TypeScript. Frourio users who uses frourio version prior to v0.26.0 and integration with class-validator through `validators/` folder are subject to a input vali ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2022-23624
    CVE-2022-23624
    Frourio-express is a minimal full stack framework, for TypeScript. Frourio-express users who uses frourio-express version prior to v0.26.0 and integration with class-validator through `validators/` fo ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2022-24450
    CVE-2022-24450
    NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the dynamically provisioned sandbox accounts feature.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2022-0504
    CVE-2022-0504
    Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:16 | 回复:0
  • CVE-2022-0505
    CVE-2022-0505
    Cross-Site Request Forgery (CSRF) in Packagist microweber/microweber prior to 1.2.11.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:17 | 回复:0
  • CVE-2022-0506
    CVE-2022-0506
    Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:16 | 回复:0
  • CVE-2021-20877
    CVE-2021-20877
    Cross-site scripting vulnerability in Canon laser printers and small office multifunctional printers (LBP162L/LBP162, MF4890dw, MF269dw/MF265dw/MF264dw/MF262dw, MF249dw/MF245dw/MF244dw/MF242dw/MF232w, ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:20 | 回复:0
  • CVE-2022-0508
    CVE-2022-0508
    Server-Side Request Forgery (SSRF) in GitHub repository chocobozzz/peertube prior to f33e515991a32885622b217bf2ed1d1b0d9d6832……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:20 | 回复:0
  • CVE-2022-21173
    CVE-2022-21173
    Hidden functionality vulnerability in ELECOM LAN routers (WRH-300BK3 firmware v1.05 and earlier, WRH-300WH3 firmware v1.05 and earlier, WRH-300BK3-S firmware v1.05 and earlier, WRH-300DR3-S firmware v ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:21 | 回复:0
  • CVE-2022-21193
    CVE-2022-21193
    Directory traversal vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to obtain an arbitrary file on the server via unspecified vectors.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2022-21241
    CVE-2022-21241
    Cross-site scripting vulnerability in CSV+ prior to 0.8.1 allows a remote unauthenticated attacker to inject an arbitrary script or an arbitrary OS command via a specially crafted CSV file that contai ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:18 | 回复:0
  • CVE-2022-21799
    CVE-2022-21799
    Cross-site scripting vulnerability in ELECOM LAN router WRC-300FEBK-R firmware v1.13 and earlier allows an attacker on the adjacent network to inject an arbitrary script via unspecified vectors.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:17 | 回复:0
  • CVE-2022-21805
    CVE-2022-21805
    Reflected cross-site scripting vulnerability in the attached file name of php_mailform versions prior to Version 1.40 allows a remote unauthenticated attacker to inject an arbitrary script via unspeci ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:17 | 回复:0
  • CVE-2022-22142
    CVE-2022-22142
    Reflected cross-site scripting vulnerability in the checkbox of php_mailform versions prior to Version 1.40 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vecto ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:18 | 回复:0
  • CVE-2022-22146
    CVE-2022-22146
    Cross-site scripting vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2022-0509
    CVE-2022-0509
    Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.3.1.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:17 | 回复:0
  • CVE-2022-23331
    CVE-2022-23331
    In DataEase v1.6.1, an authenticated user can gain unauthorized access to all user information and can change the administrator password.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:18 | 回复:0
  • CVE-2022-23340
    CVE-2022-23340
    Joplin 2.6.10 allows remote attackers to execute system commands through malicious code in user search results.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:20 | 回复:0
  • CVE-2021-44864
    CVE-2021-44864
    TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable to Buffer Overflow. Authenticated attackers can crash router httpd services via /userRpm/PingIframeRpm.htm request which contains redunda ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:18 | 回复:0
  • CVE-2021-44956
    CVE-2021-44956
    Two Heap based buffer overflow vulnerabilities exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23852. Issues that are in the jfif_decode function at ffjpeg/src/jfif.c (line 552) could ca ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:17 | 回复:0
  • CVE-2021-44957
    CVE-2021-44957
    Global buffer overflow vulnerability exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23705. Issue is in the jfif_encode function at ffjpeg/src/jfif.c (line 708) could cause a Denial of S ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:16 | 回复:0
  • CVE-2021-45325
    CVE-2021-45325
    Server Side Request Forgery (SSRF) vulneraility exists in Gitea before 1.7.0 using the OpenID URL.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:16 | 回复:0
  • CVE-2021-45326
    CVE-2021-45326
    Cross Site Request Forgery (CSRF) vulnerability exists in Gitea before 1.5.2 via API routes.This can be dangerous especially with state altering POST requests.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:19 | 回复:0
  • CVE-2021-45327
    CVE-2021-45327
    Gitea before 1.11.2 is affected by Trusting HTTP Permission Methods on the Server Side when referencing the vulnerable admin or user API. which could let a remote malisious user execute arbitrary code ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:20 | 回复:0
  • CVE-2022-0510
    CVE-2022-0510
    Cross-site Scripting (XSS) - Reflected in Packagist pimcore/pimcore prior to 10.3.1.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:26 | 回复:0
  • CVE-2021-45328
    CVE-2021-45328
    Gitea before 1.4.3 is affected by URL Redirection to Untrusted Site ('Open Redirect') via internal URLs.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:34 | 回复:0
  • CVE-2022-0139
    CVE-2022-0139
    Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:32 | 回复:0
  • CVE-2022-21702
    CVE-2022-21702
    Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content thru the Grafana datasource or plugin proxy and trick a user to visit thi ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:37 | 回复:0
  • CVE-2022-0518
    CVE-2022-0518
    Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:43 | 回复:0
  • CVE-2022-0519
    CVE-2022-0519
    Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:59 | 回复:0
  • CVE-2022-0520
    CVE-2022-0520
    Use After Free in NPM radare2.js prior to 5.6.2.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:59 | 回复:0
  • CVE-2022-0521
    CVE-2022-0521
    Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:53 | 回复:0
  • CVE-2022-0522
    CVE-2022-0522
    Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:76 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap