CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-20752

A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an unauth ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：640 | 回复：0
CVE-2022-20768

A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：672 | 回复：0
CVE-2022-20791

A vulnerability in the database user privileges of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unifie ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：954 | 回复：0
CVE-2022-20800

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unif ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：615 | 回复：0
CVE-2022-20808

A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerabili ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：529 | 回复：0
CVE-2022-20812

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwr ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：577 | 回复：0
CVE-2022-20813

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwr ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：496 | 回复：0
CVE-2022-20815

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communicatio ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：1250 | 回复：0
CVE-2022-20859

A vulnerability in the Disaster Recovery framework of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM amp; Presence Service (Unified CM IMamp;P), and Cisco U ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：955 | 回复：0
CVE-2022-20862

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could al ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：973 | 回复：0
CVE-2022-27548

HCL Launch stores user credentials in plain clear text which can be read by a local user.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：544 | 回复：0
CVE-2022-27549

HCL Launch may store certain data for recurring activities in a plain text format.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：584 | 回复：0
CVE-2022-2339

With this SSRF vulnerability, an attacker can reach internal addresses to make a request as the server and read it's contents. This attack can lead to leak of sensitive information.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：711 | 回复：0
CVE-2022-2342

Cross-site Scripting (XSS) - Stored in GitHub repository outline/outline prior to v0.64.4.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：807 | 回复：0
CVE-2022-32567

The Appfire Jira Misc Custom Fields (JMCF) app 2.4.6 for Atlassian Jira allows XSS via a crafted project name to the Add Auto Indexing Rule function.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：790 | 回复：0
CVE-2022-25046

A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute arbitrary code via a crafted POST request.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：596 | 回复：0
CVE-2022-25047

The password reset token in CWP v0.9.8.1126 is generated using known or predictable values.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：605 | 回复：0
CVE-2022-25048

Command injection vulnerability in CWP v0.9.8.1126 that allows normal users to run commands as the root user.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：677 | 回复：0
CVE-2022-33996

Incorrect permission management in Devolutions Server before 2022.2 allows a new user with a preexisting username to inherit the permissions of that previous user.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：1963 | 回复：0
CVE-2022-34007

EQS Integrity Line through 2022-07-01 allows a stored XSS via a crafted whistleblower entry.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：1282 | 回复：0
CVE-2015-1784

In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. The vulnerabilities lie in how the applicatio ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：765 | 回复：0
CVE-2015-1785

In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. The vulnerabilities lie in how the applicatio ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：1117 | 回复：0
CVE-2015-3207

In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：524 | 回复：0
CVE-2022-31854

Codoforum v5.1 was discovered to contain an arbitrary file upload vulnerability via the logo change option in the admin panel.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：506 | 回复：0
CVE-2022-32205

A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTT ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：1255 | 回复：0
CVE-2022-32206

curl 7.84.0 supports chained HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable links in t ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：551 | 回复：0
CVE-2022-32207

When curl 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In th ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：773 | 回复：0
CVE-2022-32208

When curl 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：915 | 回复：0
CVE-2022-32441

A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service (DoS) via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：505 | 回复：0
CVE-2014-0024

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：1007 | 回复：0
CVE-2014-1926

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：425 | 回复：0
CVE-2014-2887

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：445 | 回复：0
CVE-2014-2895

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：480 | 回复：0
CVE-2014-3516

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：454 | 回复：0
CVE-2014-3588

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：479 | 回复：0
CVE-2015-5236

It was discovered that the IcedTea-Web used codebase attribute of the applet tag on the HTML page that hosts Java applet in the Same Origin Policy (SOP) checks. As the specified codebase does not have ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：528 | 回复：0
CVE-2021-46825

Symantec Advanced Secure Gateway (ASG) and ProxySG are susceptible to an HTTP desync vulnerability. When a remote unauthenticated attacker and other web clients communicate through the proxy with the ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：766 | 回复：0
CVE-2022-23744

Check Point Endpoint Security Client E83 through E86 before E86.50 does not protect against a specific registry modification, and thus allows a local administrator to disable endpoint protection.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：736 | 回复：0
CVE-2014-3644

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：464 | 回复：0
CVE-2014-3658

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：537 | 回复：0