
CVE Vulnerabilities

  • CVE-2021-28975
    WP Mailster 1.6.18.0 allows XSS when a victim opens a mail server's details in the mst_servers page, for a crafted server_host, server_name, or connection_parameter parameter.
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:14 | Views: 9 | Replies: 0
  • CVE-2020-14263
    HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the included MobileIron AppConnect SDK
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:14 | Views: 16 | Replies: 0
  • CVE-2021-20120
    The administration web interface for the Arris Surfboard SB8200 lacks any protections against cross-site request forgery attacks. This means that an attacker could make configuration changes (such as ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:14 | Views: 6 | Replies: 0
  • CVE-2021-28496
    On systems running Arista EOS and CloudEOS with the affected release version, when using shared secret profiles the password configured for use by BiDirectional Forwarding Detection (BFD) will be leak ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:14 | Views: 14 | Replies: 0
  • CVE-2021-29873
    IBM Flash System 900 could allow an authenticated attacker to obtain sensitive information and cause a denial of service due to a restricted shell escape vulnerability. IBM X-Force ID: 206229.
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:14 | Views: 6 | Replies: 0
  • CVE-2021-29883
    IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and 10.0) does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cooki ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:14 | Views: 21 | Replies: 0
  • CVE-2021-42327
    dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:14 | Views: 10 | Replies: 0
  • CVE-2021-35225
    Each authenticated Orion Platform user in a MSP (Managed Service Provider) environment can view and browse all NetPath Services from all that MSP's customers. This can lead to any user having a li ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:14 | Views: 35 | Replies: 0
  • CVE-2021-35227
    The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available.
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:14 | Views: 14 | Replies: 0
  • CVE-2021-30849
    Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for W ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 29 | Replies: 0
  • CVE-2021-30850
    An access issue was addressed with improved access restrictions. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6, tvOS 15. A user may gain access to protected parts of the ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 20 | Replies: 0
  • CVE-2011-1075
    FreeBSD's crontab calculates the MD5 sum of the previous and new cronjob to determine if any changes have been made before copying the new version in. In particular, it uses the MD5File() function ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 17 | Replies: 0
  • CVE-2021-26589
    A potential security vulnerability has been identified in HPE Superdome Flex Servers. The vulnerability could be remotely exploited to allow Cross Site Scripting (XSS) because the Session Cookie is mi ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 25 | Replies: 0
  • CVE-2021-27001
    Clustered Data ONTAP versions 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow an authenticated privileged local attacker to arbitrarily modi ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 28 | Replies: 0
  • CVE-2021-36832
    WordPress Popups, Welcome Bar, Optins and Lead Generation Plugin – Icegram (versions = 2.0.2) vulnerable at Headline (message_data) input.
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 23 | Replies: 0
  • CVE-2021-37136
    The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2De ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 20 | Replies: 0
  • CVE-2021-37137
    The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was rec ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 37 | Replies: 0
  • CVE-2021-39329
    The JobBoardWP WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/includes/admin/class-metabox.ph ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 30 | Replies: 0
  • CVE-2021-39343
    The MPL-Publisher WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/libs/PublisherController.php ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 20 | Replies: 0
  • CVE-2021-39355
    The Indeed Job Importer WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/indeed-job-importer/tr ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 27 | Replies: 0
  • CVE-2021-3746
    A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. The vulnerability is triggered by specially-crafted TPM2 command packets that then trigger the issue ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 15 | Replies: 0
  • CVE-2020-12141
    An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause a denial of service and potentially disclose information via crafted SNMP packets to snmp_ber_decode_s ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 28 | Replies: 0
  • CVE-2021-29912
    IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionali ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 16 | Replies: 0
  • CVE-2021-38911
    IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can be read by an authenticated privileged user. IBM X-Force ID: 209940.
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 19 | Replies: 0
  • CVE-2021-33988
    Cross Site Scripting (XSS) vulnerability exists in Microweber CMS 1.2.7 via the Login form, which could let a malicious user execute JavaScript by inserting code in the request form.
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 27 | Replies: 0
  • CVE-2021-32663
    iTop is an open source web based IT Service Management tool. In affected versions an attacker can call the system setup without authentication. Given specific parameters this can lead to SSRF. This is ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 25 | Replies: 0
  • CVE-2021-32664
    Combodo iTop is an open source web based IT Service Management tool. In affected versions there is a XSS vulnerability on run query page when logged as administrator. This has been resolved in version ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 26 | Replies: 0
  • CVE-2021-35323
    Cross Site Scripting (XSS) vulnerability exists in bludit 3-13-1 via the username in admin/login.
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 23 | Replies: 0
  • CVE-2021-41131
    python-tuf is a Python reference implementation of The Update Framework (TUF). In both clients (`tuf/client` and `tuf/ngclient`), there is a path traversal vulnerability that in the worst case can ove ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 18 | Replies: 0
  • CVE-2021-41140
    Discourse-reactions is a plugin for the Discourse platform that allows user to add their reactions to the post. In affected versions reactions given by user to secure topics and private messages are v ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 27 | Replies: 0
  • CVE-2021-41149
    Tough provides a set of Rust libraries and tools for using and generating the update framework (TUF) repositories. The tough library, prior to 0.12.0, does not properly sanitize target names when cach ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 30 | Replies: 0
  • CVE-2021-0296
    The Juniper Networks CTPView server is not enforcing HTTP Strict Transport Security (HSTS). HSTS is an optional response header which allows servers to indicate that content from the requested domain ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 23 | Replies: 0
  • CVE-2021-0297
    A vulnerability in the processing of TCP MD5 authentication in Juniper Networks Junos OS Evolved may allow a BGP or LDP session configured with MD5 authentication to succeed, even if the peer does not ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 21 | Replies: 0
  • CVE-2021-0298
    A Race Condition in the 'show chassis pic' command in Juniper Networks Junos OS Evolved may allow an attacker to crash the port interface concentrator daemon (picd) process on the FPC, if the ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 16 | Replies: 0
  • CVE-2021-0299
    An Improper Handling of Exceptional Conditions vulnerability in the processing of a transit or directly received malformed IPv6 packet in Juniper Networks Junos OS results in a kernel crash, causing t ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 23 | Replies: 0
  • CVE-2021-31349
    The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allowing an attacker to view internal files, change settings, manipulate services and execute arbitrary c ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 13 | Replies: 0
  • CVE-2021-31350
    An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-pri ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 16 | Replies: 0
  • CVE-2021-31351
    An Improper Check for Unusual or Exceptional Conditions in packet processing on the MS-MPC/MS-MIC utilized by Juniper Networks Junos OS allows a malicious attacker to send a specific packet, triggerin ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 18 | Replies: 0
  • CVE-2021-31352
    An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF over SSH permits the negotiation of weak ciphers, which could allow a remote attacker to obtain sens ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 16 | Replies: 0
  • CVE-2021-31353
    An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon ( ...
    Author: 菜鸟教程小白 | Date: 2022-2-5 12:13 | Views: 20 | Replies: 0
