CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-22919

Adenza AxiomSL ControllerView through 10.8.1 allows redirection for SSO login URLs.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：93 | 回复：0
CVE-2022-0273

Improper Access Control in Pypi calibreweb prior to 0.6.16.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：94 | 回复：0
CVE-2022-0339

Server-Side Request Forgery (SSRF) in Pypi calibreweb prior to 0.6.16.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：111 | 回复：0
CVE-2022-0407

Heap-based Buffer Overflow in Conda vim prior to 8.2.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：103 | 回复：0
CVE-2022-0408

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：110 | 回复：0
CVE-2022-0413

Use After Free in GitHub repository vim/vim prior to 8.2.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：114 | 回复：0
CVE-2022-24130

xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：95 | 回复：0
CVE-2021-27971

Alps Alpine Touchpad Driver 10.3201.101.215 is vulnerable to DLL Injection.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：109 | 回复：0
CVE-2021-34805

An issue was discovered in FAUST iServer before 9.0.019.019.7. For each URL request, it accesses the corresponding .fau file on the operating system without preventing %2e%2e%5c directory traversal.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：118 | 回复：0
CVE-2021-45079

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EA ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：114 | 回复：0
CVE-2022-23409

The Logs plugin before 3.0.4 for Craft CMS allows remote attackers to read arbitrary files via input to actionStream in Controller.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：119 | 回复：0
CVE-2021-23520

The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) via the ZipFile::uncompressEntry function in juce_ZipFile.cpp. This vulnerability ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：137 | 回复：0
CVE-2021-23521

This affects the package juce-framework/JUCE before 6.1.5. This vulnerability is triggered when a malicious archive is crafted with an entry containing a symbolic link. When extracted, the symbolic li ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：98 | 回复：0
CVE-2022-0414

Business Logic Errors in Packagist dolibarr/dolibarr prior to 16.0.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：102 | 回复：0
CVE-2021-44255

Authenticated remote code execution in MotionEye = 0.42.1 and MotioneEyeOS = 20200606 allows a remote attacker to upload a configuration backup file containing a malicious python pickle file which wil ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：136 | 回复：0
CVE-2020-36056

Beetel 777VR1-DI Hardware Version REV.1.01 Firmware Version V01.00.09_55 was discovered to contain a cross-site scripting (XSS) vulnerability via the Ping diagnostic option.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：113 | 回复：0
CVE-2020-36064

Online Course Registration v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：116 | 回复：0
CVE-2021-46101

In Git for windows through 2.34.1 when using git pull to update the local warehouse, git.cmd can be run directly.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：115 | 回复：0
CVE-2021-28962

Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain privileges via CLI commands.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：113 | 回复：0
CVE-2021-31617

In ASQ in Stormshield Network Security (SNS) 1.0.0 through 2.7.8, 2.8.0 through 2.16.0, 3.0.0 through 3.7.20, 3.8.0 through 3.11.8, and 4.0.1 through 4.2.2, mishandling of memory management can lead t ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：112 | 回复：0
CVE-2021-40033

There is an information exposure vulnerability on several Huawei Products. The vulnerability is due to that the software does not properly protect certain information. Successful exploit could cause i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:10 | 阅读：137 | 回复：0
CVE-2021-46492

Jsish v3.5.0 was discovered to contain a SEGV vulnerability via Jsi_FunctionInvoke at src/jsiFunc.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：86 | 回复：0
CVE-2021-46494

Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_ValueLookupBase in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：75 | 回复：0
CVE-2021-46495

Jsish v3.5.0 was discovered to contain a heap-use-after-free via DeleteTreeValue in src/jsiObj.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：87 | 回复：0
CVE-2021-46496

Jsish v3.5.0 was discovered to contain a heap-use-after-free via Jsi_ObjFree in src/jsiObj.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：84 | 回复：0
CVE-2021-46497

Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_UserObjDelete in src/jsiUserObj.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：90 | 回复：0
CVE-2021-46498

Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_wswebsocketObjFree in src/jsiWebSocket.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：83 | 回复：0
CVE-2021-46499

Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_ValueCopyMove in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：120 | 回复：0
CVE-2021-46500

Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_ArgTypeCheck in src/jsiFunc.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：74 | 回复：0
CVE-2021-46501

Jsish v3.5.0 was discovered to contain a heap-use-after-free via SortSubCmd in src/jsiArray.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：86 | 回复：0
CVE-2021-46502

Jsish v3.5.0 was discovered to contain a heap-use-after-free via /usr/lib/x86_64-linux-gnu/libasan.so.4+0x5166d. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：90 | 回复：0
CVE-2021-46503

Jsish v3.5.0 was discovered to contain a heap-use-after-free via /usr/lib/x86_64-linux-gnu/libasan.so.4+0x79732. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：103 | 回复：0
CVE-2021-46504

There is an Assertion 'vp != resPtr' failed at jsiEval.c in Jsish v3.5.0.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：111 | 回复：0
CVE-2021-46505

Jsish v3.5.0 was discovered to contain a stack overflow via /usr/lib/x86_64-linux-gnu/libasan.so.4+0x5b1e5.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：81 | 回复：0
CVE-2021-46506

There is an Assertion 'v-d.lval != v' failed at src/jsiValue.c in Jsish v3.5.0.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：74 | 回复：0
CVE-2021-46507

Jsish v3.5.0 was discovered to contain a stack overflow via Jsi_LogMsg at src/jsiUtils.c.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：97 | 回复：0
CVE-2021-46508

There is an Assertion `i parts_cnt' failed at src/mjs_bcode.c in Cesanta MJS v2.20.0.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：110 | 回复：0
CVE-2021-46509

Cesanta MJS v2.20.0 was discovered to contain a stack overflow via snquote at mjs/src/mjs_json.c.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：89 | 回复：0
CVE-2021-46510

There is an Assertion `s mjs-owned_strings.buf + mjs-owned_strings.len' failed at src/mjs_gc.c in Cesanta MJS v2.20.0.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：96 | 回复：0
CVE-2021-46511

There is an Assertion `m-len = sizeof(v)' failed at src/mjs_core.c in Cesanta MJS v2.20.0.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:09 | 阅读：80 | 回复：0