CVE Vulnerabilities

  • CVE-2021-38560
    Ivanti Service Manager 2021.1 allows reflected XSS via the appName parameter associated with ConfigDB calls, such as in RelocateAttachments.aspx.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 22 | Replies: 0
  • CVE-2021-46093
    eliteCMS v1.0 is vulnerable to Insecure Permissions via manage_uploads.php.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 30 | Replies: 0
  • CVE-2022-24218
    An issue in /admin/delete_image.php of eliteCMS v1.0 allows attackers to delete arbitrary files.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 19 | Replies: 0
  • CVE-2022-24219
    eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_page.php.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 17 | Replies: 0
  • CVE-2022-24220
    eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_post.php.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 17 | Replies: 0
  • CVE-2022-24221
    eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions/functions.php.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 17 | Replies: 0
  • CVE-2022-24222
    eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_user.php.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 17 | Replies: 0
  • CVE-2022-24223
    AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 15 | Replies: 0
  • CVE-2022-24196
    iText v7.1.17 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 15 | Replies: 0
  • CVE-2022-24197
    iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 15 | Replies: 0
  • CVE-2022-24198
    iText v7.1.17 was discovered to contain an out-of-bounds exception via the component ARCFOUREncryption.encryptARCFOUR, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 14 | Replies: 0
  • CVE-2021-42638
    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 14 | Replies: 0
  • CVE-2022-24300
    Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 14 | Replies: 0
  • CVE-2022-24301
    In Minetest before 5.4.0, players can add or subtract items from a different player's inventory.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 14 | Replies: 0
  • CVE-2021-36177
    An improper access control vulnerability in FortiAuthenticator HA service 6.3.2 and below, 6.2.x, 6.1.x, 6.0.x may allow an attacker on the same vlan as the HA management interface to make an unauthe ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 15 | Replies: 0
  • CVE-2021-41016
    An improper neutralization of special elements used in a command ('command injection') in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticate ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 15 | Replies: 0
  • CVE-2021-42753
    An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in FortiWeb management interface 6.4.1 and below, 6.3.15 and below, 6.2.x, 6.1.x, 6.0.x, 5.9.x ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 12 | Replies: 0
  • CVE-2021-43062
    An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiMail version 7.0.1 and 7.0.0, version 6.4.5 and below, version 6.3.7 and below, version ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 9 | Replies: 0
  • CVE-2021-43073
    An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below all ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 9 | Replies: 0
  • CVE-2020-26208
    JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 10 | Replies: 0
  • CVE-2021-24043
    A missing bound check in RTCP flag parsing code prior to WhatsApp for Android v2.21.23.2, WhatsApp Business for Android v2.21.23.2, WhatsApp for iOS v2.21.230.6, WhatsApp Business for iOS 2.21.230.7, ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 9 | Replies: 0
  • CVE-2021-36193
    Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted commands.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 10 | Replies: 0
  • CVE-2021-39044
    IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 10 | Replies: 0
  • CVE-2021-39066
    IBM Financial Transaction Manager 3.2.4 does not invalidate session any existing session identifier gives an attacker the opportunity to steal authenticated sessions. IBM X-Force ID: 215040.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 9 | Replies: 0
  • CVE-2021-39070
    IBM Security Verify Access 10.0.0.0, 10.0.1.0 and 10.0.2.0 with the advanced access control authentication service enabled could allow an attacker to authenticate as any user on the system. IBM X-Forc ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 9 | Replies: 0
  • CVE-2021-41018
    An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows attacker to execute unauthori ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 9 | Replies: 0
  • CVE-2022-0366
    An authenticated and authorized agent user could potentially gain administrative access via an SQLi vulnerability to Capsule8 Console between versions 4.6.0 and 4.9.1.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 9 | Replies: 0
  • CVE-2022-21724
    pgjdbc is the official PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attack ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 10 | Replies: 0
  • CVE-2022-21817
    NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire acces ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 13 | Replies: 0
  • CVE-2022-22509
    In Phoenix Contact FL SWITCH Series 2xxx in version 3.00 an incorrect privilege assignment allows a low privileged user to enable full access to the device configuration.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 17 | Replies: 0
  • CVE-2022-22510
    Codesys Profinet in version V4.2.0.0 is prone to null pointer dereference that allows a denial of service (DoS) attack of an unauthenticated user via SNMP.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 17 | Replies: 0
  • CVE-2021-42633
    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which may allow an attacker to access additional audit records.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 24 | Replies: 0
  • CVE-2021-42637
    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 21 | Replies: 0
  • CVE-2021-42639
    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanit ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 36 | Replies: 0
  • CVE-2021-42640
    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any p ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 48 | Replies: 0
  • CVE-2021-42641
    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 52 | Replies: 0
  • CVE-2021-42642
    PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext con ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 40 | Replies: 0
  • CVE-2021-39021
    IBM Guardium Data Encryption (GDE) 5.0.0.2 behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which could facilitate u ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 47 | Replies: 0
  • CVE-2022-0443
    Use After Free in GitHub repository vim/vim prior to 8.2.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 66 | Replies: 0
  • CVE-2022-0432
    Prototype Pollution in GitHub repository mastodon/mastodon prior to 3.5.0.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:26 | Views: 146 | Replies: 0
