• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞CVE漏洞

CVE漏洞

RSS
  • CVE-2021-34599
    CVE-2021-34599
    Affected versions of CODESYS Git in Versions prior to V1.1.0.0 lack certificate validation in HTTPS handshakes. CODESYS Git does not implement certificate validation by default, so it does not verify ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:5 | 回复:0
  • CVE-2021-4018
    CVE-2021-4018
    snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:4 | 回复:0
  • CVE-2021-4019
    CVE-2021-4019
    vim is vulnerable to Heap-based Buffer Overflow……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:10 | 回复:0
  • CVE-2021-3984
    CVE-2021-3984
    vim is vulnerable to Heap-based Buffer Overflow……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:15 | 回复:0
  • CVE-2021-3985
    CVE-2021-3985
    kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:31 | 回复:0
  • CVE-2021-3989
    CVE-2021-3989
    showdoc is vulnerable to URL Redirection to Untrusted Site……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:20 | 回复:0
  • CVE-2021-3990
    CVE-2021-3990
    showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:19 | 回复:0
  • CVE-2021-3992
    CVE-2021-3992
    kimai2 is vulnerable to Improper Access Control……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:24 | 回复:0
  • CVE-2021-3993
    CVE-2021-3993
    showdoc is vulnerable to Cross-Site Request Forgery (CSRF)……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:13 | 回复:0
  • CVE-2021-3994
    CVE-2021-3994
    django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:11 | 回复:0
  • CVE-2021-4015
    CVE-2021-4015
    firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:13 | 回复:0
  • CVE-2021-4017
    CVE-2021-4017
    showdoc is vulnerable to Cross-Site Request Forgery (CSRF)……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:8 | 回复:0
  • CVE-2021-32592
    CVE-2021-32592
    An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x may allow an attacker to perform a DLL Hijack att ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:9 | 回复:0
  • CVE-2021-3964
    CVE-2021-3964
    elgg is vulnerable to Authorization Bypass Through User-Controlled Key……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:4 | 回复:0
  • CVE-2021-3983
    CVE-2021-3983
    kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:4 | 回复:0
  • CVE-2021-43690
    CVE-2021-43690
    YurunProxy v0.01 is affected by a Cross Site Scripting (XSS) vulnerability in src/Client.php. The exit function will terminate the script and print a message which have values from the socket_read.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:11 | 回复:0
  • CVE-2021-44280
    CVE-2021-44280
    attendance management system 1.0 is affected by a SQL injection vulnerability in admin/incFunctions.php through the makeSafe function.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:5 | 回复:0
  • CVE-2021-25967
    CVE-2021-25967
    In CKAN, versions 2.9.0 to 2.9.3 are affected by a stored XSS vulnerability via SVG file upload of users’ profile picture. This allows low privileged application users to store malicious scripts in t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:6 | 回复:0
  • CVE-2021-44277
    CVE-2021-44277
    Librenms 21.11.0 is affected by a Cross Site Scripting (XSS) vulnerability in includes/html/common/alert-log.inc.php.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:5 | 回复:0
  • CVE-2021-44279
    CVE-2021-44279
    Librenms 21.11.0 is affected by a Cross Site Scripting (XSS) vulnerability in includes/html/forms/poller-groups.inc.php.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:14 | 回复:0
  • CVE-2021-40154
    CVE-2021-40154
    NXP LPC55S69 devices before A3 have a buffer over-read via a crafted wlength value in a GET Descriptor Configuration request during use of USB In-System Programming (ISP) mode. This discloses protecte ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:4 | 回复:0
  • CVE-2021-43689
    CVE-2021-43689
    manage (last update Oct 24, 2017) is affected by a Cross Site Scripting (XSS) vulnerability in Application/Home/Controller/GoodsController.class.php. The exit function will terminate the script and pr ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:7 | 回复:0
  • CVE-2021-44479
    CVE-2021-44479
    NXP Kinetis K82 devices have a buffer over-read via a crafted wlength value in a GET Status-Other request during use of USB In-System Programming (ISP) mode. This discloses protected flash memory.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:7 | 回复:0
  • CVE-2020-10627
    CVE-2020-10627
    Insulet Omnipod Insulin Management System insulin pump product ID 19191 and 40160 is designed to communicate using a wireless RF with an Insulet manufactured Personal Diabetes Manager device. This wir ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:18 | 回复:0
  • CVE-2021-20609
    CVE-2021-20609
    Uncontrolled Resource Consumption vulnerability in MELSEC iQ-R Series R00/01/02CPU Firmware versions 24 and prior, MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions 57 and prior, MELSEC iQ- ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:10 | 回复:0
  • CVE-2021-20610
    CVE-2021-20610
    Improper Handling of Length Parameter Inconsistency vulnerability in MELSEC iQ-R Series R00/01/02CPU Firmware versions 24 and prior, MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions 57 and ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:23 | 回复:0
  • CVE-2021-20611
    CVE-2021-20611
    Improper Input Validation vulnerability in MELSEC iQ-R Series R00/01/02CPU Firmware versions 24 and prior, MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions 57 and prior, MELSEC iQ-R Series ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:13 | 回复:0
  • CVE-2021-26334
    CVE-2021-26334
    The AMDPowerProfiler.sys driver of AMD ?Prof tool may allow lower privileged users to access MSRs in kernel which may lead to privilege escalation and ring-0 code execution by the lower privileged use ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:17 | 回复:0
  • CVE-2021-43685
    CVE-2021-43685
    libretime hv3.0.0-alpha.10 is affected by a path manipulation vulnerability in /blob/master/legacy/application/modules/rest/controllers/ShowImageController.php through the rename function.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:8 | 回复:0
  • CVE-2021-43687
    CVE-2021-43687
    chamilo-lms v1.11.14 is affected by a Cross Site Scripting (XSS) vulnerability in /plugin/jcapture/applet.php if an attacker passes a message hex2bin in the cookie.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:9 | 回复:0
  • CVE-2021-44480
    CVE-2021-44480
    Wokka Lokka Q50 devices through 2021-11-30 allow remote attackers (who know the SIM phone number and password) to listen to a device's surroundings via a callback in an SMS command, as demonstrate ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:10 | 回复:0
  • CVE-2021-20400
    CVE-2021-20400
    IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196074.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:28 | 回复:0
  • CVE-2021-29779
    CVE-2021-29779
    IBM QRadar SIEM 7.3 and 7.4 could allow an attacker to obtain sensitive information due to the server performing key exchange without entity authentication on inter-host communications using man in th ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:23 | 回复:0
  • CVE-2021-29849
    CVE-2021-29849
    IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:24 | 回复:0
  • CVE-2021-29863
    CVE-2021-29863
    IBM QRadar SIEM 7.3 and 7.4 is vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:33 | 回复:0
  • CVE-2021-42776
    CVE-2021-42776
    CloverDX Server before 5.11.2 and and 5.12.x before 5.12.1 allows XXE during configuration import.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:19 | 回复:0
  • CVE-2021-38575
    CVE-2021-38575
    NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:22 | 回复:0
  • CVE-2021-43451
    CVE-2021-43451
    SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the Email POST parameter in /forgetpassword.php.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:10 | 回复:0
  • CVE-2021-41039
    CVE-2021-41039
    In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:7 | 回复:0
  • CVE-2021-43137
    CVE-2021-43137
    Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel management system 2.1 via the name field in my-profile.php. Chaining to this both vulnerabilities leads t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:32 | 阅读:9 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap