• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

CVE漏洞

RSS
  • CVE-2021-46025
    CVE-2021-46025
    A Cross SIte Scripting (XSS) vulnerability exists in OneBlog = 2.2.8. via the add function in the operation tab list in the background.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:43 | 回复:0
  • CVE-2021-46027
    CVE-2021-46027
    mysiteforme, as of 19-12-2022, has a CSRF vulnerability in the background blog management. The attacker constructs a CSRF load. Once the administrator clicks a malicious link, a blog tag will be added……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:49 | 回复:0
  • CVE-2021-4143
    CVE-2021-4143
    Cross-site Scripting (XSS) - Generic in GitHub repository bigbluebutton/bigbluebutton prior to 2.4.0.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:58 | 回复:0
  • CVE-2022-21704
    CVE-2022-21704
    log4js-node is a port of log4js to node.js. In affected versions default file permissions for log files created by the file, fileSync and dateFile appenders are world-readable (in unix). This could ca ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:48 | 回复:0
  • CVE-2021-46026
    CVE-2021-46026
    mysiteforme, as of 19-12-2022, is vulnerable to Cross Site Scripting (XSS) via the add blog tag function in the blog tag in the background blog management.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:43 | 回复:0
  • CVE-2021-46028
    CVE-2021-46028
    In mblog = 3.5.0 there is a CSRF vulnerability in the background article management. The attacker constructs a CSRF load. Once the administrator clicks a malicious link, the article will be deleted.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:82 | 回复:0
  • CVE-2021-43269
    CVE-2021-43269
    In Code42 app before 8.8.0, eval injection allows an attacker to change a device’s proxy configuration to use a malicious proxy auto-config (PAC) file, leading to arbitrary code execution. This affec ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:50 | 回复:0
  • CVE-2022-0277
    CVE-2022-0277
    Improper Access Control in Packagist microweber/microweber prior to 1.2.11.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:51 | 回复:0
  • CVE-2022-0278
    CVE-2022-0278
    Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:70 | 回复:0
  • CVE-2021-3866
    CVE-2021-3866
    Cross-site Scripting (XSS) - Stored in GitHub repository zulip/zulip more than and including 44f935695d452cc3fb16845a0c6af710438b153d and prior to 3eb2791c3e9695f7d37ffe84e0c2184fae665cb6.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:77 | 回复:0
  • CVE-2021-45230
    CVE-2021-45230
    In Apache Airflow prior to 2.2.0. This CVE applies to a specific case where a User who has can_create permissions on DAG Runs can create Dag Runs for dags that they don't have edit permissions for ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:109 | 回复:0
  • CVE-2022-0281
    CVE-2022-0281
    Exposure of Sensitive Information to an Unauthorized Actor in Packagist microweber/microweber prior to 1.2.11.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:135 | 回复:0
  • CVE-2022-22733
    CVE-2022-22733
    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache ShardingSphere ElasticJob-UI allows an attacker who has guest account to do privilege escalation. This issue affects ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:110 | 回复:0
  • CVE-2021-34600
    CVE-2021-34600
    Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total l ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:76 | 回复:0
  • CVE-2022-0282
    CVE-2022-0282
    Code Injection in Packagist microweber/microweber prior to 1.2.11.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:38 | 回复:0
  • CVE-2022-22820
    CVE-2022-22820
    Due to the lack of media file checks before rendering, it was possible for an attacker to cause abnormal CPU consumption for message recipient by sending specially crafted gif image in LINE for Window ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:47 | 回复:0
  • CVE-2021-32039
    CVE-2021-32039
    Users with appropriate file access may be able to access unencrypted user credentials saved by MongoDB Extension for VS Code in a binary file. These credentials may be used by malicious attackers to p ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:44 | 回复:0
  • CVE-2022-0285
    CVE-2022-0285
    Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2.9.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:30 | 回复:0
  • CVE-2021-44738
    CVE-2021-44738
    Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:28 | 回复:0
  • CVE-2021-44734
    CVE-2021-44734
    Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:32 | 回复:0
  • CVE-2021-44735
    CVE-2021-44735
    Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:30 | 回复:0
  • CVE-2021-44736
    CVE-2021-44736
    The initial admin account setup wizard on Lexmark devices allow unauthenticated access to the “out of service erase” feature.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:22 | 回复:0
  • CVE-2021-44737
    CVE-2021-44737
    PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:18 | 回复:0
  • CVE-2021-44829
    CVE-2021-44829
    Cross Site Scripting (XSS) vulnerability exists in index.html in AFI WebACMS through 2.1.0 via the the ID parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:19 | 回复:0
  • CVE-2022-0219
    CVE-2022-0219
    Improper Restriction of XML External Entity Reference in GitHub repository skylot/jadx prior to 1.3.2.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:14 | 回复:0
  • CVE-2021-44091
    CVE-2021-44091
    A Cross-Site Scripting (XSS) vulnerability exists in Courcecodester Multi Restaurant Table Reservation System 1.0 in register.php via the (1) fullname, (2) phone, and (3) address parameters.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:14 | 回复:0
  • CVE-2021-45417
    CVE-2021-45417
    AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:15 | 回复:0
  • CVE-2022-21658
    CVE-2022-21658
    Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_di ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:14 | 回复:0
  • CVE-2021-44090
    CVE-2021-44090
    An SQL Injection vulnerability exists in Sourcecodester Online Reviewer System 1.0 via the password parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:13 | 回复:0
  • CVE-2021-44092
    CVE-2021-44092
    An SQL Injection vulnerability exists in code-projects Pharmacy Management 1.0 via the username parameter in the administer login form.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:14 | 回复:0
  • CVE-2021-44244
    CVE-2021-44244
    An SQL Injection vulnerabiity exists in Sourcecodester Logistic Hub Parcel's Management System 1.0 via the username parameter in login.php.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:14 | 回复:0
  • CVE-2021-44245
    CVE-2021-44245
    An SQL Injection vulnerability exists in Courcecodester COVID 19 Testing Management System (CTMS) 1.0 via the (1) username and (2) contactno parameters.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:14 | 回复:0
  • CVE-2022-23119
    CVE-2022-23119
    A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file sy ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:13 | 回复:0
  • CVE-2022-23120
    CVE-2022-23120
    A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to escalate privileges and run arbitrary code ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:14 | 回复:0
  • CVE-2021-29785
    CVE-2021-29785
    IBM Security SOAR V42 and V43could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vuln ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:13 | 回复:0
  • CVE-2021-46061
    CVE-2021-46061
    An SQL Injection vulnerability exists in Sourcecodester Computer and Mobile Repair Shop Management system (RSMS) 1.0 via the code parameter in /rsms/ node app.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:14 | 回复:0
  • CVE-2020-23315
    CVE-2020-23315
    There is an ASSERTION (pFuncBody-GetYieldRegister() == oldYieldRegister) failed in Js::DebugContext::RundownSourcesAndReparse in ChakraCore version 1.12.0.0-beta.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:13 | 回复:0
  • CVE-2021-46322
    CVE-2021-46322
    Duktape v2.99.99 was discovered to contain a SEGV vulnerability via the component duk_push_tval in duktape/duk_api_stack.c.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:14 | 回复:0
  • CVE-2021-46323
    CVE-2021-46323
    Espruino 2v11.251 was discovered to contain a SEGV vulnerability via src/jsinteractive.c in jsiGetDeviceFromClass.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:14 | 回复:0
  • CVE-2021-46324
    CVE-2021-46324
    Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:08 | 阅读:14 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap