• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

CVE漏洞

RSS
  • CVE-2021-45342
    CVE-2021-45342
    A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:18 | 回复:0
  • CVE-2021-45343
    CVE-2021-45343
    In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:13 | 回复:0
  • CVE-2021-45802
    CVE-2021-45802
    MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because the email and phone parameter values are added to the SQL query without any verification at the time of membe ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:14 | 回复:0
  • CVE-2021-45803
    CVE-2021-45803
    MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because this view parameter value is added to the SQL query without additional verification when viewing reservation.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:15 | 回复:0
  • CVE-2021-45844
    CVE-2021-45844
    Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:13 | 回复:0
  • CVE-2021-45845
    CVE-2021-45845
    The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:12 | 回复:0
  • CVE-2021-46113
    CVE-2021-46113
    In MartDevelopers KEA-Hotel-ERP open source as of 12-31-2021, a remote code execution vulnerability can be exploited by uploading PHP files using the file upload vulnerability in this service.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:13 | 回复:0
  • CVE-2022-23223
    CVE-2022-23223
    The HTTP response will disclose the user password. This issue affected Apache ShenYu 2.4.0 and 2.4.1.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:11 | 回复:0
  • CVE-2022-23944
    CVE-2022-23944
    User can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:9 | 回复:0
  • CVE-2022-23945
    CVE-2022-23945
    Missing authentication on ShenYu Admin when register by HTTP. This issue affected Apache ShenYu 2.4.0 and 2.4.1.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:8 | 回复:0
  • CVE-2021-45846
    CVE-2021-45846
    A flaw in the AMF parser of Slic3r libslic3r 1.3.0 allows an attacker to cause an application crash using a crafted AMF document, where a metadata tag lacks a type attribute.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:8 | 回复:0
  • CVE-2021-45847
    CVE-2021-45847
    Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each allow an attacker to cause an application crash using a crafted 3MF input file.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:6 | 回复:0
  • CVE-2022-21697
    CVE-2022-21697
    Jupyter Server Proxy is a Jupyter notebook server extension to proxy web services. Versions of Jupyter Server Proxy prior to 3.2.1 are vulnerable to Server-Side Request Forgery (SSRF). Any user deploy ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:8 | 回复:0
  • CVE-2022-23033
    CVE-2022-23033
    arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm (p2m_remove_mapping, guest_physmap_remove_page, and p2m_set_e ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:8 | 回复:0
  • CVE-2022-23034
    CVE-2022-23034
    A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled. PV guests can requ ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:7 | 回复:0
  • CVE-2022-23035
    CVE-2022-23035
    Insufficient cleanup of passed-through device IRQs The management of IRQs associated with physical devices exposed to x86 HVM guests involves an iterative operation in particular when cleaning up afte ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:8 | 回复:0
  • CVE-2021-3850
    CVE-2021-3850
    Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:9 | 回复:0
  • CVE-2021-46033
    CVE-2021-46033
    In ForestBlog, as of 2021-12-28, File upload can bypass verification.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:10 | 回复:0
  • CVE-2021-46089
    CVE-2021-46089
    In JeecgBoot 3.0, there is a SQL injection vulnerability that can operate the database with root privileges.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:10 | 回复:0
  • CVE-2022-21711
    CVE-2022-21711
    elfspirit is an ELF static analysis and injection framework that parses, manipulates, and camouflages ELF files. When analyzing the ELF file format in versions prior to 1.1, there is an out-of-bounds ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:10 | 阅读:23 | 回复:0
  • CVE-2022-21715
    CVE-2022-21715
    CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A cross-site scripting (XSS) vulnerability was found in `API\ResponseTrait` in Codeigniter4 prior to version 4.1.8. Attac ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:10 | 阅读:45 | 回复:0
  • CVE-2022-22554
    CVE-2022-22554
    Dell EMC System Update, version 1.9.2 and prior, contain an Unprotected Storage of Credentials vulnerability. A local attacker with user privleges could potentially exploit this vulnerability leading ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:10 | 阅读:29 | 回复:0
  • CVE-2022-0177
    CVE-2022-0177
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent acciden ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:10 | 阅读:36 | 回复:0
  • CVE-2022-22928
    CVE-2022-22928
    MCMS v5.2.4 was discovered to have a hardcoded shiro-key, allowing attackers to exploit the key and execute arbitrary code.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:19 | 回复:0
  • CVE-2022-22930
    CVE-2022-22930
    A remote code execution (RCE) vulnerability in the Template Management function of MCMS v5.2.4 allows attackers to execute arbitrary code via a crafted payload.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:15 | 回复:0
  • CVE-2022-23314
    CVE-2022-23314
    MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via /ms/mdiy/model/importJson.do.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:13 | 回复:0
  • CVE-2022-23315
    CVE-2022-23315
    MCMS v5.2.4 was discovered to contain an arbitrary file upload vulnerability via the component /ms/template/writeFileContent.do.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:10 | 回复:0
  • CVE-2022-0326
    CVE-2022-0326
    NULL Pointer Dereference in Homebrew mruby prior to 3.2.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:14 | 回复:0
  • CVE-2022-21933
    CVE-2022-21933
    ASUS VivoMini/Mini PC device has an improper input validation vulnerability. A local attacker with system privilege can use system management interrupt (SMI) to modify memory, resulting in arbitrary c ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:17 | 回复:0
  • CVE-2022-0329
    CVE-2022-0329
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent acciden ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:10 | 回复:0
  • CVE-2022-0318
    CVE-2022-0318
    Heap-based Buffer Overflow in vim/vim prior to 8.2.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:12 | 回复:0
  • CVE-2020-19858
    CVE-2020-19858
    Platinum Upnp SDK through 1.2.0 has a directory traversal vulnerability. The attack could remote attack victim by sending http://ip:port/../privacy.avi URL to compromise a victim's privacy.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:15 | 回复:0
  • CVE-2020-19860
    CVE-2020-19860
    When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:7 | 回复:0
  • CVE-2022-0319
    CVE-2022-0319
    Out-of-bounds Read in vim/vim prior to 8.2.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:19 | 回复:0
  • CVE-2020-19861
    CVE-2020-19861
    When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rd ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:15 | 回复:0
  • CVE-2021-35003
    CVE-2021-35003
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer C90 1.0.6 Build 20200114 rel.73164(5553) routers. Authentication is not required to exp ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:12 | 回复:0
  • CVE-2021-35004
    CVE-2021-35004
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link TL-WA1201 1.0.1 Build 20200709 rel.66244(5553) wireless access points. Authentication is not r ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:14 | 回复:0
  • CVE-2021-40855
    CVE-2021-40855
    The EU Technical Specifications for Digital COVID Certificates before 1.1 mishandle certificate governance. A non-production public key certificate could have been used in production.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:15 | 回复:0
  • CVE-2021-46198
    CVE-2021-46198
    An SQL Injection vulnerability exists in Sourceodester Courier Management System 1.0 via the email parameter in /cms/ajax.php app.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:14 | 回复:0
  • CVE-2021-46200
    CVE-2021-46200
    An SQL Injection vulnerability exists in Sourcecodester Simple Music Clour Community System 1.0 via the email parameter in /music/ajax.php.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:09 | 阅读:20 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap