
CVE Vulnerabilities

  • CVE-2021-24604
    The Availability Calendar WordPress plugin before 1.2.2 does not sanitise or escape its Category Names before outputting them in page/post where the associated shortcode is embed, allowing high privil ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 25 | Replies: 0
  • CVE-2021-24606
    The Availability Calendar WordPress plugin before 1.2.1 does not escape the category attribute from its shortcode before using it in a SQL statement, leading to a SQL Injection issue, which can be exp ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 38 | Replies: 0
  • CVE-2021-24609
    The WP Mapa Politico Espana WordPress plugin before 3.7.0 does not sanitise or escape some of its settings before outputting them in attributes, allowing high privilege users to perform Cross-Site Scr ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 21 | Replies: 0
  • CVE-2021-24613
    The Post Views Counter WordPress plugin before 1.3.5 does not sanitise or escape its Post Views Label settings, which could allow high privilege users to perform Cross-Site Scripting attacks in the fr ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 18 | Replies: 0
  • CVE-2021-24618
    The Donate With QRCode WordPress plugin before 1.4.5 does not sanitise or escape its QRCode Image setting, which result into a Stored Cross-Site Scripting (XSS). Furthermore, the plugin also does not ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 16 | Replies: 0
  • CVE-2021-24635
    The Visual Link Preview WordPress plugin before 2.2.3 does not enforce authorisation on several AJAX actions and has the CSRF nonce displayed for all authenticated users, allowing any authenticated us ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 25 | Replies: 0
  • CVE-2021-24636
    The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce (CSRF) checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved d ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 20 | Replies: 0
  • CVE-2021-24637
    The Google Fonts Typography WordPress plugin before 3.0.3 does not escape and sanitise some of its block settings, allowing users with as role as low as Contributor to perform Stored Cross-Site Script ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 17 | Replies: 0
  • CVE-2021-24638
    The OMGF WordPress plugin before 4.5.4 does not escape or validate the handle parameter of the REST API, which allows unauthenticated users to perform path traversal and overwrite arbitrary CSS file w ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 24 | Replies: 0
  • CVE-2021-24639
    The OMGF WordPress plugin before 4.5.4 does not enforce path validation, authorisation and CSRF checks in the omgf_ajax_empty_dir AJAX action, which allows any authenticated users to delete arbitrary ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 27 | Replies: 0
  • CVE-2021-24640
    The WordPress Slider Block Gutenslider plugin before 5.2.0 does not escape the minWidth attribute of a Gutenburg block, which could allow users with a role as low as contributor to perform Cross-Site ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 10 | Replies: 0
  • CVE-2021-24657
    The Limit Login Attempts WordPress plugin before 4.0.50 does not escape the IP addresses (which can be controlled by attacker via headers such as X-Forwarded-For) of attempted logins before outputting ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 15 | Replies: 0
  • CVE-2021-24663
    The Simple Schools Staff Directory WordPress plugin through 1.1 does not validate uploaded logo pictures to ensure that are indeed images, allowing high privilege users such as admin to upload arbitra ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 27 | Replies: 0
  • CVE-2021-24741
    The Support Board WordPress plugin before 3.3.4 does not escape multiple POST parameters (such as status_code, department, user_id, conversation_id, conversation_status_code, and recipient_id) before ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 27 | Replies: 0
  • CVE-2019-16651
    An issue was discovered on Virgin Media Super Hub 3 (based on ARRIS TG2492) devices. Because their SNMP commands have insufficient protection mechanisms, it is possible to use JavaScript and DNS rebin ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 13 | Replies: 0
  • CVE-2020-21913
    International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 12 | Replies: 0
  • CVE-2021-39402
    MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel. The injected payload is reflected on the affiliate main page for all authenticated and unauthenticated ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 14 | Replies: 0
  • CVE-2021-40674
    An SQL injection vulnerability exists in Wuzhi CMS v4.1.0 via the KeyValue parameter in coreframe/app/order/admin/index.php.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 16 | Replies: 0
  • CVE-2020-20891
    Buffer Overflow vulnerability in function config_input in libavfilter/vf_gblur.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 19 | Replies: 0
  • CVE-2020-20892
    An issue was discovered in function filter_frame in libavfilter/vf_lenscorrection.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts due to a division by zer ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 21 | Replies: 0
  • CVE-2020-20893
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-22030. Reason: This candidate is a duplicate of CVE-2020-22030. Notes: All CVE users should reference CVE-2020-22030 instead of this ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 15 | Replies: 0
  • CVE-2020-20894
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-22025. Reason: This candidate is a duplicate of CVE-2020-22025. Notes: All CVE users should reference CVE-2020-22025 instead of this ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 12 | Replies: 0
  • CVE-2020-20895
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-22028. Reason: This candidate is a duplicate of CVE-2020-22028. Notes: All CVE users should reference CVE-2020-22028 instead of this ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 25 | Replies: 0
  • CVE-2020-20896
    An issue was discovered in function latm_write_packet in libavformat/latmenc.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts due to a Null pointer derefer ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 22 | Replies: 0
  • CVE-2020-20897
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-22035. Reason: This candidate is a duplicate of CVE-2020-22035. Notes: All CVE users should reference CVE-2020-22035 instead of this ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 17 | Replies: 0
  • CVE-2020-20898
    Integer Overflow vulnerability in function filter16_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 29 | Replies: 0
  • CVE-2020-20899
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-22036. Reason: This candidate is a duplicate of CVE-2020-22036. Notes: All CVE users should reference CVE-2020-22036 instead of this ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 21 | Replies: 0
  • CVE-2020-20900
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-22032. Reason: This candidate is a duplicate of CVE-2020-22032. Notes: All CVE users should reference CVE-2020-22032 instead of this ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 21 | Replies: 0
  • CVE-2020-20901
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-22022. Reason: This candidate is a duplicate of CVE-2020-22022. Notes: All CVE users should reference CVE-2020-22022 instead of this ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 20 | Replies: 0
  • CVE-2020-20902
    A CWE-125: Out-of-bounds read vulnerability exists in long_term_filter function in g729postfilter.c in FFmpeg 4.2.1 during computation of the denominator of pseudo-normalized correlation R'(0), th ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 21 | Replies: 0
  • CVE-2020-21468
    ** DISPUTED ** A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS). NOTE: the vendor cannot reproduce this issue in a released version, such as 5.0.7.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 19 | Replies: 0
  • CVE-2021-32265
    An issue was discovered in Bento4 through v1.6.0-637. A global-buffer-overflow exists in the function AP4_MemoryByteStream::WritePartial() located in Ap4ByteStream.cpp. It allows an attacker to cause ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 22 | Replies: 0
  • CVE-2021-32268
    Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac before 1.0.1 allows attackers to execute arbitrary code. The fixed version is 1.0.1.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 34 | Replies: 0
  • CVE-2021-32269
    An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function ilst_item_box_dump located in box_dump.c. It allows an attacker to cause Denial of Service.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 15 | Replies: 0
  • CVE-2021-32270
    An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function vwid_box_del located in box_code_base.c. It allows an attacker to cause Denial of Service.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 17 | Replies: 0
  • CVE-2021-32271
    An issue was discovered in gpac through 20200801. A stack-buffer-overflow exists in the function DumpRawUIConfig located in odf_dump.c. It allows an attacker to cause code Execution.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 18 | Replies: 0
  • CVE-2021-32272
    An issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the function stszin located in mp4read.c. It allows an attacker to cause Code Execution.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 22 | Replies: 0
  • CVE-2021-32273
    An issue was discovered in faad2 through 2.10.0. A stack-buffer-overflow exists in the function ftypin located in mp4read.c. It allows an attacker to cause Code Execution.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 27 | Replies: 0
  • CVE-2021-32274
    An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It allows an attacker to cause code Execution.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 16 | Replies: 0
  • CVE-2021-32275
    An issue was discovered in faust through v2.30.5. A NULL pointer dereference exists in the function CosPrim::computeSigOutput() located in cosprim.hh. It allows an attacker to cause Denial of Service.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:45 | Views: 18 | Replies: 0
