
CVE Vulnerabilities

  • CVE-2021-44381
    A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetPower ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:52 | Views: 36 | Replies: 0
  • CVE-2021-44382
    A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetIrLigh ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:52 | Views: 25 | Replies: 0
  • CVE-2021-44383
    A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetAutoU ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:52 | Views: 43 | Replies: 0
  • CVE-2021-44384
    A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetPtzTa ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:52 | Views: 111 | Replies: 0
  • CVE-2021-34865
    This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The s ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 11 | Replies: 0
  • CVE-2021-34866
    This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the tar ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 9 | Replies: 0
  • CVE-2021-34867
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute high-privileged code ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 11 | Replies: 0
  • CVE-2021-34868
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code o ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 10 | Replies: 0
  • CVE-2021-34869
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code o ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 11 | Replies: 0
  • CVE-2021-34870
    This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 1.0.0.52_1.0.38 routers. Authentication is not required to exploit th ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 11 | Replies: 0
  • CVE-2021-43863
    The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. The Nextcloud Android app uses content providers to manage its data. Prior to version 3.18.1, the pr ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 12 | Replies: 0
  • CVE-2021-46034
    A problem was found in ForestBlog, as of 2021-12-29, there is a XSS vulnerability that can be injected through the nickname input box.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 10 | Replies: 0
  • CVE-2021-46083
    uscat, as of 2021-12-28, is vulnerable to Cross Site Scripting (XSS) via the input box of the statistical code.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 10 | Replies: 0
  • CVE-2021-46084
    uscat, as of 2021-12-28, is vulnerable to Cross Site Scripting (XSS) via close registration information input box.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 10 | Replies: 0
  • CVE-2021-46085
    OneBlog = 2.2.8 is vulnerable to Insecure Permissions. Low level administrators can delete high-level administrators beyond their authority.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 13 | Replies: 0
  • CVE-2021-46086
    xzs-mysql = t3.4.0 is vulnerable to Insecure Permissions. The front end of this open source system is an online examination system. There is an unsafe vulnerability in the functional method of submitt ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 14 | Replies: 0
  • CVE-2021-46087
    In jfinal_cms = 5.1 0, there is a storage XSS vulnerability in the background system of CMS. Because developers do not filter the parameters submitted by the user input form, any user with background ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 13 | Replies: 0
  • CVE-2021-39031
    IBM WebSphere Application Server - Liberty 17.0.0.3 through 22.0.0.1 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could e ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 15 | Replies: 0
  • CVE-2022-0351
    Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 16 | Replies: 0
  • CVE-2021-38129
    Escalation of privileges vulnerability in Micro Focus in Micro Focus Operations Agent, affecting versions 12.x up to and including 12.21. The vulnerability could be exploited by a non-privileged local ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 15 | Replies: 0
  • CVE-2021-40158
    A maliciously crafted JT file in Autodesk Inventor 2022, 2021, 2020, 2019 may be forced to read beyond allocated boundaries when parsing the JT file. This vulnerability can be exploited to execute arb ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 15 | Replies: 0
  • CVE-2021-40159
    An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 may lead to code execution through maliciously crafted JT files.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 15 | Replies: 0
  • CVE-2021-40167
    A malicious crafted dwf file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vul ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 15 | Replies: 0
  • CVE-2021-40337
    Cross-site Scripting (XSS) vulnerability in Hitachi Energy LinkOne allows an attacker that manages to exploit the vulnerability can take advantage to exploit multiple web attacks and stole sensitive i ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 14 | Replies: 0
  • CVE-2021-41598
    A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 16 | Replies: 0
  • CVE-2021-43298
    The code that performs password matching when using 'Basic' HTTP authentication does not use a constant-time memcmp and has no rate-limiting. This means that an unauthenticated network attacke ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 18 | Replies: 0
  • CVE-2021-45729
    The Privilege Escalation vulnerability discovered in the WP Google Map WordPress plugin (versions = 1.8.0) allows authenticated low-role users to create, edit, and delete maps.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 18 | Replies: 0
  • CVE-2021-4133
    A flaw was found in Keycloak in versions from 12.0.0 and before 15.1.1 which allows an attacker with any existing user account to create new default user accounts via the administrative REST API even ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 18 | Replies: 0
  • CVE-2021-4145
    A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0. The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 20 | Replies: 0
  • CVE-2022-0270
    Prior to v0.6.1, bored-agent failed to sanitize incoming kubernetes impersonation headers allowing a user to override assigned user name and groups.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 24 | Replies: 0
  • CVE-2022-0332
    A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 24 | Replies: 0
  • CVE-2022-0333
    A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The calendar:manageentries capability allowed managers to access or modify any ca ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 29 | Replies: 0
  • CVE-2022-0334
    A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead to users accessing their grade report f ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 28 | Replies: 0
  • CVE-2022-0335
    A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The delete badge alignment functionality did not include the necessary token chec ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 28 | Replies: 0
  • CVE-2022-22789
    Charactell - FormStorm Enterprise Account takeover – An attacker can modify (add, remove and update) passwords file for all the users. The xx_users.ini file in the FormStorm folder contains usernames ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 30 | Replies: 0
  • CVE-2022-23008
    On NGINX Controller API Management versions 3.18.0-3.19.0, an authenticated attacker with access to the user or admin role can use undisclosed API endpoints on NGINX Controller API Management to injec ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 28 | Replies: 0
  • CVE-2022-23009
    On BIG-IQ Centralized Management 8.x before 8.1.0, an authenticated administrative role user on a BIG-IQ managed BIG-IP device can access other BIG-IP devices managed by the same BIG-IQ system. Note: ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 28 | Replies: 0
  • CVE-2022-23010
    On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a FastL4 profile and an HTTP profile are configured on a vir ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 22 | Replies: 0
  • CVE-2022-23011
    On certain hardware BIG-IP platforms, in version 15.1.x before 15.1.4 and 14.1.x before 14.1.3, virtual servers may stop responding while processing TCP traffic due to an issue in the SYN Cookie Prote ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 25 | Replies: 0
  • CVE-2022-23012
    On BIG-IP versions 15.1.x before 15.1.4.1 and 14.1.x before 14.1.4.5, when the HTTP/2 profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 22 | Replies: 0
