CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-21673

Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：23 | 回复：0
CVE-2022-21688

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. Affected versions of the desktop application were foun ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：22 | 回复：0
CVE-2022-21689

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions the receive mode limits concurren ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：10 | 回复：0
CVE-2022-21691

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions chat participants can spoof their ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：26 | 回复：0
CVE-2022-21693

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions an adversary with a primitive tha ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：13 | 回复：0
CVE-2022-21695

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions authenticated users (or unauthent ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：13 | 回复：0
CVE-2022-21690

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions The path parameter of the request ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：25 | 回复：0
CVE-2022-21692

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions anyone with access to the chat en ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：25 | 回复：0
CVE-2022-21694

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. The website mode of the onionshare allows to use a har ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：19 | 回复：0
CVE-2022-21700

Micronaut is a JVM-based, full stack Java framework designed for building JVM web applications with support for Java, Kotlin and the Groovy language. In affected versions sending an invalid Content Ty ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：18 | 回复：0
CVE-2022-22152

A Protection Mechanism Failure vulnerability in the REST API of Juniper Networks Contrail Service Orchestration allows one tenant on the system to view confidential configuration details of another te ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：16 | 回复：0
CVE-2022-22153

An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Ser ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：15 | 回复：0
CVE-2022-22154

In a Junos Fusion scenario an External Control of Critical State Data vulnerability in the Satellite Device (SD) control state machine of Juniper Networks Junos OS allows an attacker who is able to ma ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：15 | 回复：0
CVE-2022-22155

An Uncontrolled Resource Consumption vulnerability in the handling of IPv6 neighbor state change events in Juniper Networks Junos OS allows an adjacent attacker to cause a memory leak in the Flexible ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：31 | 回复：0
CVE-2022-22156

An Improper Certificate Validation weakness in the Juniper Networks Junos OS allows an attacker to perform Person-in-the-Middle (PitM) attacks when a system script is fetched from a remote source at a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：17 | 回复：0
CVE-2022-22157

A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services Gateways may allow an attacker to bypass Juniper Deep Packet Inspection (JDPI) rules and access unauthori ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：23 | 回复：0
CVE-2022-22159

A vulnerability in the NETISR network queue functionality of Juniper Networks Junos OS kernel allows an attacker to cause a Denial of Service (DoS) by sending crafted genuine packets to a device. Duri ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：20 | 回复：0
CVE-2022-22160

An Unchecked Error Condition vulnerability in the subscriber management daemon (smgd) of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to cause a crash of and thereby a Denial ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：26 | 回复：0
CVE-2022-22161

An Uncontrolled Resource Consumption vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause 100% CPU load and the device to become unrespons ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：26 | 回复：0
CVE-2022-22162

A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to elevate these to the ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：10 | 回复：0
CVE-2022-22163

An Improper Input Validation vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a crash of jdhcpd and thereby a Denial ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：10 | 回复：0
CVE-2022-22164

An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit operation for disabling the telnet service to not take effect as expected, resulting in the telnet serv ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：7 | 回复：0
CVE-2022-22166

An Improper Validation of Specified Quantity in Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause an rdp crash ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：10 | 回复：0
CVE-2022-22167

A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services Gateways may allow an attacker to bypass Juniper Deep Packet Inspection (JDPI) rules and access unauthori ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：25 | 回复：0
CVE-2022-22168

An Improper Validation of Specified Type of Input vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to trigger a Missing Release of Memory after Effe ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：28 | 回复：0
CVE-2022-22169

An Improper Initialization vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at s ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：24 | 回复：0
CVE-2022-22170

A Missing Release of Resource after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial o ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：25 | 回复：0
CVE-2022-22171

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：31 | 回复：0
CVE-2022-22172

A Missing Release of Memory after Effective Lifetime vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：50 | 回复：0
CVE-2022-22173

A Missing Release of Memory after Effective Lifetime vulnerability in the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Den ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：45 | 回复：0
CVE-2022-22174

A vulnerability in the processing of inbound IPv6 packets in Juniper Networks Junos OS on QFX5000 Series and EX4600 switches may cause the memory to not be freed, leading to a packet DMA memory leak, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：30 | 回复：0
CVE-2022-22175

An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated networked attacker to cause a flowprocessing daemon (flowd) crash an ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：29 | 回复：0
CVE-2022-22176

An Improper Validation of Syntactic Correctness of Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker sending a malformed ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：26 | 回复：0
CVE-2022-22177

A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS Evolved allows an attacker to halt the snmpd daemon causing a sustained Denial of Service (DoS) to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：30 | 回复：0
CVE-2022-22178

A Stack-based Buffer Overflow vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on MX Series and SRX series allows an unauthenticated networked attacker to cause a flowd ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：11 | 回复：0
CVE-2022-22179

A Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cau ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：18 | 回复：0
CVE-2022-22180

An Improper Check for Unusual or Exceptional Conditions vulnerability in the processing of specific IPv6 packets on certain EX Series devices may lead to exhaustion of DMA memory causing a Denial of S ...……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：13 | 回复：0
CVE-2022-23435

decoding.c in android-gif-drawable before 1.2.24 does not limit the maximum length of a comment, leading to denial of service.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：24 | 回复：0
CVE-2021-26041

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：17 | 回复：0
CVE-2021-26042

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 13:04 | 阅读：29 | 回复：0