• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞CVE漏洞

CVE漏洞

RSS
  • CVE-2021-46164
    CVE-2021-46164
    Zoho ManageEngine Desktop Central before 10.0.662 allows remote code execution by an authenticated user who has complete access to the Reports module.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:104 | 回复:0
  • CVE-2021-46165
    CVE-2021-46165
    Zoho ManageEngine Desktop Central before 10.0.662, during startup, launches an executable file from the batch files, but this file's path might not be properly defined.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:92 | 回复:0
  • CVE-2021-46166
    CVE-2021-46166
    Zoho ManageEngine Desktop Central before 10.0.662 allows authenticated users to obtain sensitive information from the database by visiting the Reports page.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:70 | 回复:0
  • CVE-2022-0132
    CVE-2022-0132
    peertube is vulnerable to Server-Side Request Forgery (SSRF)……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:55 | 回复:0
  • CVE-2022-0133
    CVE-2022-0133
    peertube is vulnerable to Improper Access Control……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:58 | 回复:0
  • CVE-2022-21667
    CVE-2022-21667
    soketi is an open-source WebSockets server. There is an unhandled case when reading POST requests which results in the server crashing if it could not read the body of a request. In the event that a P ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:43 | 回复:0
  • CVE-2022-21823
    CVE-2022-21823
    A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control 2021.2 (10.7.30.0) that could allow an attacker with locally authenticated low privileges to obtain key inf ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:55 | 回复:0
  • CVE-2022-22263
    CVE-2022-22263
    Unprotected dynamic receiver in SecSettings prior to SMR Jan-2022 Release 1 allows untrusted applications to launch arbitrary activity.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:41 | 回复:0
  • CVE-2022-22264
    CVE-2022-22264
    Improper sanitization of incoming intent in Dressroom prior to SMR Jan-2022 Release 1 allows local attackers to read and write arbitrary files without permission.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:37 | 回复:0
  • CVE-2022-22265
    CVE-2022-22265
    An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:56 | 回复:0
  • CVE-2022-22266
    CVE-2022-22266
    (Applicable to China models only) Unprotected WifiEvaluationService in TencentWifiSecurity application prior to SMR Jan-2022 Release 1 allows untrusted applications to get WiFi information without pro ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:47 | 回复:0
  • CVE-2022-22267
    CVE-2022-22267
    Implicit Intent hijacking vulnerability in ActivityMetricsLogger prior to SMR Jan-2022 Release 1 allows attackers to get running application information.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:40 | 回复:0
  • CVE-2022-22268
    CVE-2022-22268
    Incorrect implementation of Knox Guard prior to SMR Jan-2022 Release 1 allows physically proximate attackers to temporary unlock the Knox Guard via Samsung DeX mode.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:47 | 回复:0
  • CVE-2022-22269
    CVE-2022-22269
    Keeping sensitive data in unprotected BluetoothSettingsProvider prior to SMR Jan-2022 Release 1 allows untrusted applications to get a local Bluetooth MAC address.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:43 | 回复:0
  • CVE-2022-22270
    CVE-2022-22270
    An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows unprivileged applications to access contact information.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:40 | 回复:0
  • CVE-2022-22271
    CVE-2022-22271
    A missing input validation before memory copy in TIMA trustlet prior to SMR Jan-2022 Release 1 allows attackers to copy data from arbitrary memory.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:35 | 回复:0
  • CVE-2022-22272
    CVE-2022-22272
    Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:35 | 回复:0
  • CVE-2022-22283
    CVE-2022-22283
    Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging out from Samsung Health App.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:42 | 回复:0
  • CVE-2022-22284
    CVE-2022-22284
    Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:39 | 回复:0
  • CVE-2022-22285
    CVE-2022-22285
    A vulnerability using PendingIntent in Reminder prior to version 12.2.05.0 in Android R(11.0) and 12.3.02.1000 in Android S(12.0) allows attackers to execute privileged action by hijacking and modifyi ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:36 | 回复:0
  • CVE-2022-22286
    CVE-2022-22286
    A vulnerability using PendingIntent in Bixby Routines prior to version 3.1.21.8 in Android R(11.0) and 2.6.30.5 in Android Q(10.0) allows attackers to execute privileged action by hijacking and modify ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:45 | 回复:0
  • CVE-2022-22287
    CVE-2022-22287
    Abitrary file access vulnerability in Samsung Email prior to 6.1.60.16 allows attacker to read isolated data in sandbox.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:45 | 回复:0
  • CVE-2022-22288
    CVE-2022-22288
    Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the allowlist.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:30 | 回复:0
  • CVE-2022-22289
    CVE-2022-22289
    Improper access control vulnerability in S Assistant prior to version 7.5 allows attacker to remotely get senstive information.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:42 | 回复:0
  • CVE-2022-22701
    CVE-2022-22701
    PartKeepr versions up to v1.4.0, loads attachments using a URL while creating a part and allows the use of the 'file://' URI scheme, allowing an authenticated user to read local files.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:29 | 回复:0
  • CVE-2022-22702
    CVE-2022-22702
    PartKeepr versions up to v1.4.0, in the functionality to upload attachments using a URL when creating a part does not validate that requests can be made to local ports, allowing an authenticated user ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:29 | 回复:0
  • CVE-2022-22815
    CVE-2022-22815
    path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:38 | 回复:0
  • CVE-2022-22816
    CVE-2022-22816
    path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:34 | 回复:0
  • CVE-2022-22817
    CVE-2022-22817
    PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used,……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:29 | 回复:0
  • CVE-2022-22821
    CVE-2022-22821
    NVIDIA NeMo before 1.6.0 contains a vulnerability in ASR WebApp, in which ../ Path Traversal may lead to deletion of any directory when admin privileges are available.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:22 | 回复:0
  • CVE-2022-22822
    CVE-2022-22822
    addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:51 | 回复:0
  • CVE-2022-22823
    CVE-2022-22823
    build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:31 | 回复:0
  • CVE-2022-22824
    CVE-2022-22824
    defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:29 | 回复:0
  • CVE-2022-22825
    CVE-2022-22825
    lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:23 | 回复:0
  • CVE-2022-22826
    CVE-2022-22826
    nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:19 | 回复:0
  • CVE-2022-22827
    CVE-2022-22827
    storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:17 | 回复:0
  • CVE-2022-22836
    CVE-2022-22836
    CoreFTP Server before 727 allows directory traversal (for file creation) by an authenticated attacker via ../ in an HTTP PUT request.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:19 | 回复:0
  • CVE-2022-22844
    CVE-2022-22844
    LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:30 | 回复:0
  • CVE-2022-22845
    CVE-2022-22845
    QXIP SIPCAPTURE homer-app before 1.4.28 for HOMER 7.x has the same 167f0db2-f83e-4baa-9736-d56064a5b415 JWT secret key across different customers' installations.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:26 | 回复:0
  • CVE-2022-22846
    CVE-2022-22846
    The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:00 | 阅读:26 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap