• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

CVE漏洞

RSS
  • CVE-2021-42071
    CVE-2021-42071
    In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker can achieve remote command execution via shell metacharacters in the cgi-bin/slogin/login.py User-Agent HTTP header.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:29 | 回复:0
  • CVE-2021-20372
    CVE-2021-20372
    IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote authenticated user to cause a denial of another user's service due to insufficient permission checking. IBM X-Force ID: 19551 ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:30 | 回复:0
  • CVE-2021-20375
    CVE-2021-20375
    IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to intercept and replace a message sent by another user due to improper access controls. IBM X-Force ID: 195567.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:27 | 回复:0
  • CVE-2021-20376
    CVE-2021-20376
    IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated attacker to enumerate usernames due to there being an observable discrepancy in returned messages. IBM X-Force ID: 195568 ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:31 | 回复:0
  • CVE-2021-20473
    CVE-2021-20473
    IBM Sterling File Gateway User Interface 2.2.0.0 through 6.1.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:24 | 回复:0
  • CVE-2021-20481
    CVE-2021-20481
    IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fun ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:27 | 回复:0
  • CVE-2021-20489
    CVE-2021-20489
    IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:33 | 回复:0
  • CVE-2021-20552
    CVE-2021-20552
    IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information cou ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:32 | 回复:0
  • CVE-2021-20561
    CVE-2021-20561
    IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fun ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:28 | 回复:0
  • CVE-2021-20571
    CVE-2021-20571
    IBM Sterling B2B Integrator 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the int ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:23 | 回复:0
  • CVE-2021-20584
    CVE-2021-20584
    IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 199397.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:23 | 回复:0
  • CVE-2021-29700
    CVE-2021-29700
    IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authneticated attacker to obtain sensitive information from configuration files that could aid in further attacks ag ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:34 | 回复:0
  • CVE-2021-41130
    CVE-2021-41130
    Extensible Service Proxy, a.k.a. ESP is a proxy which enables API management capabilities for JSON/REST or gRPC API services. ESPv1 can be configured to authenticate a JWT token. Its verified JWT clai ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:28 | 回复:0
  • CVE-2021-42092
    CVE-2021-42092
    An issue was discovered in Zammad before 4.1.1. Stored XSS may occur via an Article during addition of an attachment to a Ticket.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:41 | 回复:0
  • CVE-2021-42093
    CVE-2021-42093
    An issue was discovered in Zammad before 4.1.1. An admin can execute code on the server via a crafted request that manipulates triggers.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:41 | 回复:0
  • CVE-2021-42094
    CVE-2021-42094
    An issue was discovered in Zammad before 4.1.1. Command Injection can occur via custom Packages.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:42 | 回复:0
  • CVE-2020-21865
    CVE-2020-21865
    ThinkPHP50-CMS v1.0 contains a remote code execution (RCE) vulnerability in the component /public/?s=captcha.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:33 | 回复:0
  • CVE-2021-42084
    CVE-2021-42084
    An issue was discovered in Zammad before 4.1.1. An attacker with valid agent credentials may send a series of crafted requests that cause an endless loop and thus cause denial of service.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:45 | 回复:0
  • CVE-2021-42085
    CVE-2021-42085
    An issue was discovered in Zammad before 4.1.1. There is stored XSS via a custom Avatar.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:39 | 回复:0
  • CVE-2021-42086
    CVE-2021-42086
    An issue was discovered in Zammad before 4.1.1. An Agent account can modify account data, and gain admin access, via a crafted request.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:35 | 回复:0
  • CVE-2021-38104
    CVE-2021-38104
    IPPP72.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to acces ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:19 | 回复:0
  • CVE-2021-41845
    CVE-2021-41845
    A SQL injection issue was discovered in ThycoticCentrify Secret Server before 11.0.000007. The only affected versions are 10.9.000032 through 11.0.000006.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:27 | 回复:0
  • CVE-2020-21228
    CVE-2020-21228
    JIZHICMS 1.5.1 contains a cross-site scripting (XSS) vulnerability in the component /user/release.html, which allows attackers to arbitrarily add an administrator cookie.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:26 | 回复:0
  • CVE-2021-36298
    CVE-2021-36298
    Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to auth ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:20 | 回复:0
  • CVE-2021-36309
    CVE-2021-36309
    Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure vulnerability. An authenticated malicious user with access to the system may use the TACACS\Radius cre ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:23 | 回复:0
  • CVE-2021-38098
    CVE-2021-38098
    Corel PDF Fusion 2.6.2.0 is affected by a Heap Corruption vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution i ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:15 | 回复:0
  • CVE-2021-38100
    CVE-2021-38100
    Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:13 | 回复:0
  • CVE-2021-38101
    CVE-2021-38101
    CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:27 | 回复:0
  • CVE-2021-38102
    CVE-2021-38102
    IPPP82.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to acces ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:12 | 回复:0
  • CVE-2021-38105
    CVE-2021-38105
    IPPP82.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to acces ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:7 | 回复:0
  • CVE-2021-38106
    CVE-2021-38106
    UAX200.dll in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to acces ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:9 | 回复:0
  • CVE-2021-38110
    CVE-2021-38110
    Word97Import200.dll in Corel WordPerfect 2020 20.0.0.200 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:7 | 回复:0
  • CVE-2021-41847
    CVE-2021-41847
    An issue was discovered in 3xLogic Infinias Access Control through 6.7.10708.0, affecting physical security. Users with login credentials assigned to a specific zone can send modified HTTP GET and POS ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:10 | 回复:0
  • CVE-2021-38107
    CVE-2021-38107
    CdrCore.dll in Corel DrawStandard 2020 22.0.0.474 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to acces ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:16 | 回复:0
  • CVE-2021-38108
    CVE-2021-38108
    Word97Import200.dll in Corel WordPerfect 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:30 | 回复:0
  • CVE-2021-38109
    CVE-2021-38109
    Corel DrawStandard 2020 22.0.0.474 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:25 | 回复:0
  • CVE-2021-41862
    CVE-2021-41862
    AviatorScript through 5.2.7 allows code execution via an expression that is encoded with Byte Code Engineering Library (BCEL).……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:383 | 回复:0
  • CVE-2021-41864
    CVE-2021-41864
    prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds writ ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:18 | 回复:0
  • CVE-2021-41861
    CVE-2021-41861
    The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vulnerability than CVE-2019-16248. After approximately two to four uses of the ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:27 | 回复:0
  • CVE-2021-21704
    CVE-2021-21704
    In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, s ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:08 | 阅读:21 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap