CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-22820

Due to the lack of media file checks before rendering, it was possible for an attacker to cause abnormal CPU consumption for message recipient by sending specially crafted gif image in LINE for Window ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：35 | 回复：0
CVE-2021-32039

Users with appropriate file access may be able to access unencrypted user credentials saved by MongoDB Extension for VS Code in a binary file. These credentials may be used by malicious attackers to p ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：32 | 回复：0
CVE-2022-0285

Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2.9.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：37 | 回复：0
CVE-2021-44738

Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：35 | 回复：0
CVE-2021-44734

Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：39 | 回复：0
CVE-2021-44735

Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：34 | 回复：0
CVE-2021-44736

The initial admin account setup wizard on Lexmark devices allow unauthenticated access to the “out of service erase” feature.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：36 | 回复：0
CVE-2021-44737

PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：39 | 回复：0
CVE-2021-44829

Cross Site Scripting (XSS) vulnerability exists in index.html in AFI WebACMS through 2.1.0 via the the ID parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：37 | 回复：0
CVE-2022-0219

Improper Restriction of XML External Entity Reference in GitHub repository skylot/jadx prior to 1.3.2.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：41 | 回复：0
CVE-2021-44091

A Cross-Site Scripting (XSS) vulnerability exists in Courcecodester Multi Restaurant Table Reservation System 1.0 in register.php via the (1) fullname, (2) phone, and (3) address parameters.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：28 | 回复：0
CVE-2021-45417

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：30 | 回复：0
CVE-2022-21658

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_di ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：31 | 回复：0
CVE-2021-44090

An SQL Injection vulnerability exists in Sourcecodester Online Reviewer System 1.0 via the password parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：41 | 回复：0
CVE-2021-44092

An SQL Injection vulnerability exists in code-projects Pharmacy Management 1.0 via the username parameter in the administer login form.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：41 | 回复：0
CVE-2021-44244

An SQL Injection vulnerabiity exists in Sourcecodester Logistic Hub Parcel's Management System 1.0 via the username parameter in login.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：49 | 回复：0
CVE-2021-44245

An SQL Injection vulnerability exists in Courcecodester COVID 19 Testing Management System (CTMS) 1.0 via the (1) username and (2) contactno parameters.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：47 | 回复：0
CVE-2022-23119

A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file sy ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：30 | 回复：0
CVE-2022-23120

A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to escalate privileges and run arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：24 | 回复：0
CVE-2021-29785

IBM Security SOAR V42 and V43could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vuln ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：35 | 回复：0
CVE-2021-46061

An SQL Injection vulnerability exists in Sourcecodester Computer and Mobile Repair Shop Management system (RSMS) 1.0 via the code parameter in /rsms/ node app.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：31 | 回复：0
CVE-2020-23315

There is an ASSERTION (pFuncBody-GetYieldRegister() == oldYieldRegister) failed in Js::DebugContext::RundownSourcesAndReparse in ChakraCore version 1.12.0.0-beta.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：39 | 回复：0
CVE-2021-46322

Duktape v2.99.99 was discovered to contain a SEGV vulnerability via the component duk_push_tval in duktape/duk_api_stack.c.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：43 | 回复：0
CVE-2021-46323

Espruino 2v11.251 was discovered to contain a SEGV vulnerability via src/jsinteractive.c in jsiGetDeviceFromClass.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：54 | 回复：0
CVE-2021-46324

Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：34 | 回复：0
CVE-2021-46325

Espruino 2v10.246 was discovered to contain a stack buffer overflow via src/jsutils.c in vcbprintf.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：27 | 回复：0
CVE-2021-46326

Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow via the component __asan_memcpy.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：22 | 回复：0
CVE-2021-46327

Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via xs/sources/xsArray.c in fx_Array_prototype_sort.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：29 | 回复：0
CVE-2021-46328

Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow via the component __libc_start_main.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：36 | 回复：0
CVE-2021-46329

Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via the component _fini.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：40 | 回复：0
CVE-2021-46330

Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via xs/sources/xsDataView.c in fx_ArrayBuffer_prototype_concat.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：32 | 回复：0
CVE-2021-46331

Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via xs/sources/xsProxy.c in fxProxyGetPrototype.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：25 | 回复：0
CVE-2021-46332

Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow via xs/sources/xsDataView.c in fxUint8Getter.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：26 | 回复：0
CVE-2021-46333

Moddable SDK v11.5.0 was discovered to contain an invalid memory access vulnerability via the component __asan_memmove.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：17 | 回复：0
CVE-2021-46334

Moddable SDK v11.5.0 was discovered to contain a stack buffer overflow via the component __interceptor_strcat.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：23 | 回复：0
CVE-2021-46335

Moddable SDK v11.5.0 was discovered to contain a NULL pointer dereference in the component fx_Function_prototype_hasInstance.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：26 | 回复：0
CVE-2021-46336

There is an Assertion 'opts PARSER_CLASS_LITERAL_CTOR_PRESENT' failed at /parser/js/js-parser-expr.c(parser_parse_class_body) in JerryScript 3.0.0.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：21 | 回复：0
CVE-2021-46337

There is an Assertion 'page_p != NULL' failed at /parser/js/js-parser-mem.c(parser_list_get) in JerryScript 3.0.0.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：24 | 回复：0
CVE-2021-46338

There is an Assertion 'ecma_is_lexical_environment (object_p)' failed at /base/ecma-helpers.c(ecma_get_lex_env_type) in JerryScript 3.0.0.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：26 | 回复：0
CVE-2021-46339

There is an Assertion 'lit_is_valid_cesu8_string (string_p, string_size)' failed at /base/ecma-helpers-string.c(ecma_new_ecma_string_from_utf8) in JerryScript 3.0.0.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:06 | 阅读：29 | 回复：0