• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

CVE漏洞

RSS
  • CVE-2021-41385
    CVE-2021-41385
    The third party intelligence connector in Securonix SNYPR 6.3.1 Build 184295_0302 allows an authenticated user to obtain access to server configuration details via SSRF.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:50 | 回复:0
  • CVE-2021-41580
    CVE-2021-41580
    ** DISPUTED ** The passport-oauth2 package before 1.6.1 for Node.js mishandles the error condition of failure to obtain an access token. This is exploitable in certain use cases where an OAuth identit ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:66 | 回复:0
  • CVE-2021-34570
    CVE-2021-34570
    Multiple Phoenix Contact PLCnext control devices in versions prior to 2021.0.5 LTS are prone to a DoS attack through special crafted JSON requests.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:49 | 回复:0
  • CVE-2021-20317
    CVE-2021-20317
    A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special use ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:46 | 回复:0
  • CVE-2021-23054
    CVE-2021-23054
    On version 16.x before 16.1.0, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting (XSS) vulnerability exists in the resource ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:53 | 回复:0
  • CVE-2021-0421
    CVE-2021-0421
    In memory management driver, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. U ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:26 | 回复:0
  • CVE-2021-0422
    CVE-2021-0422
    In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:39 | 回复:0
  • CVE-2021-0423
    CVE-2021-0423
    In memory management driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:38 | 回复:0
  • CVE-2021-0424
    CVE-2021-0424
    In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:44 | 回复:0
  • CVE-2021-0425
    CVE-2021-0425
    In memory management driver, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction i ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:51 | 回复:0
  • CVE-2021-0610
    CVE-2021-0610
    In memory management driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User int ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:46 | 回复:0
  • CVE-2021-0611
    CVE-2021-0611
    In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for expl ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:41 | 回复:0
  • CVE-2021-0612
    CVE-2021-0612
    In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for expl ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:37 | 回复:0
  • CVE-2021-0660
    CVE-2021-0660
    In ccu, there is a possible out of bounds read due to incorrect error handling. This could lead to information disclosure with System execution privileges needed. User interaction is not needed for ex ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:51 | 回复:0
  • CVE-2021-40097
    CVE-2021-40097
    An issue was discovered in Concrete CMS through 8.5.5. Authenticated path traversal leads to to remote code execution via uploaded PHP code, related to the bFilename parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:49 | 回复:0
  • CVE-2021-40098
    CVE-2021-40098
    An issue was discovered in Concrete CMS through 8.5.5. Path Traversal leading to RCE via external form by adding a regular expression.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:35 | 回复:0
  • CVE-2021-40103
    CVE-2021-40103
    An issue was discovered in Concrete CMS through 8.5.5. Path Traversal can lead to Arbitrary File Reading and SSRF.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:65 | 回复:0
  • CVE-2021-40104
    CVE-2021-40104
    An issue was discovered in Concrete CMS through 8.5.5. There is an SVG sanitizer bypass.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:49 | 回复:0
  • CVE-2021-40105
    CVE-2021-40105
    An issue was discovered in Concrete CMS through 8.5.5. There is XSS via Markdown Comments.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:67 | 回复:0
  • CVE-2021-40106
    CVE-2021-40106
    An issue was discovered in Concrete CMS through 8.5.5. There is unauthenticated stored XSS in blog comments via the website field.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:51 | 回复:0
  • CVE-2021-23243
    CVE-2021-23243
    In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:57 | 回复:0
  • CVE-2021-3799
    CVE-2021-3799
    grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:33 | 回复:0
  • CVE-2021-3818
    CVE-2021-3818
    grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:32 | 回复:0
  • CVE-2021-3819
    CVE-2021-3819
    firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:30 | 回复:0
  • CVE-2021-3820
    CVE-2021-3820
    inflect is vulnerable to Inefficient Regular Expression Complexity……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:42 | 回复:0
  • CVE-2021-3822
    CVE-2021-3822
    jsoneditor is vulnerable to Inefficient Regular Expression Complexity……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:36 | 回复:0
  • CVE-2021-3828
    CVE-2021-3828
    nltk is vulnerable to Inefficient Regular Expression Complexity……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:48 | 回复:0
  • CVE-2021-40108
    CVE-2021-40108
    An issue was discovered in Concrete CMS through 8.5.5. The Calendar is vulnerable to CSRF. ccm_token is not verified on the ccm/calendar/dialogs/event/add/save endpoint.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:50 | 回复:0
  • CVE-2021-40109
    CVE-2021-40109
    A SSRF issue was discovered in Concrete CMS through 8.5.5. Users can access forbidden files on their local network. A user with permissions to upload files from external sites can upload a URL that re ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:39 | 回复:0
  • CVE-2021-22272
    CVE-2021-22272
    The vulnerability origins in the commissioning process where an attacker of the ControlTouch can enter a serial number in a specific way to transfer the device virtually into her/his my.busch-jaeger.d ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:47 | 回复:0
  • CVE-2021-33907
    CVE-2021-33907
    The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate the certificate information used to sign .msi files when performing an update of the client. This could ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:38 | 回复:0
  • CVE-2021-34408
    CVE-2021-34408
    The Zoom Client for Meetings for Windows in all versions before version 5.3.2 writes log files to a user writable directory as a privileged user during the installation or update of the client. This c ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:36 | 回复:0
  • CVE-2021-34409
    CVE-2021-34409
    It was discovered that the installation packages of the Zoom Client for Meetings for MacOS (Standard and for IT Admin) installation before version 5.2.0, Zoom Client Plugin for Sharing iPhone/iPad bef ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:38 | 回复:0
  • CVE-2021-34410
    CVE-2021-34410
    A user-writable application bundle unpacked during the install for all versions of the Zoom Plugin for Microsoft Outlook for Mac before 5.0.25611.0521 allows for privilege escalation to root.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:40 | 回复:0
  • CVE-2021-34411
    CVE-2021-34411
    During the installation process forZoom Rooms for Conference Room for Windows before version 5.3.0 it is possible to launch Internet Explorer with elevated privileges. If the installer was launched wi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:40 | 回复:0
  • CVE-2021-34412
    CVE-2021-34412
    During the installation process for all versions of the Zoom Client for Meetings for Windows before 5.4.0, it is possible to launch Internet Explorer. If the installer was launched with elevated privi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:44 | 回复:0
  • CVE-2021-34413
    CVE-2021-34413
    All versions of the Zoom Plugin for Microsoft Outlook for MacOS before 5.3.52553.0918 contain a Time-of-check Time-of-use (TOC/TOU) vulnerability during the plugin installation process. This could all ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:35 | 回复:0
  • CVE-2021-34414
    CVE-2021-34414
    The network proxy page on the web portal for the Zoom on-premise Meeting Connector Controller before version 4.6.348.20201217, Zoom on-premise Meeting Connector MMR before version 4.6.348.20201217, Zo ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:36 | 回复:0
  • CVE-2021-34415
    CVE-2021-34415
    The Zone Controller service in the Zoom On-Premise Meeting Connector Controller before version 4.6.358.20210205 does not verify the cnt field sent in incoming network packets, which leads to exhaustio ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:34 | 回复:0
  • CVE-2021-34416
    CVE-2021-34416
    The network address administrative settings web portal for the Zoom on-premise Meeting Connector before version 4.6.360.20210325, Zoom on-premise Meeting Connector MMR before version 4.6.360.20210325, ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:33 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap