CVE Vulnerabilities

  • CVE-2021-39817
    Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the c ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 14 | Replies: 0
  • CVE-2021-39847
    XMP Toolkit SDK version 2020.1 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitati ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 12 | Replies: 0
  • CVE-2021-40350
    webctrl.cgi.elf on Christie Digital DWU850-GS V06.46 devices allows attackers to perform any desired action via a crafted query containing an unspecified Cookie header. Authentication bypass can be ac ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 12 | Replies: 0
  • CVE-2021-29851
    IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 205527.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 32 | Replies: 0
  • CVE-2021-29852
    IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 24 | Replies: 0
  • CVE-2021-29853
    IBM Planning Analytics 2.0 could expose information that could be used to create attacks by not validating the return values from some methods or functions. IBM X-Force ID: 205529.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 15 | Replies: 0
  • CVE-2021-23436
    This affects the package immer before 9.0.6. A type confusion vulnerability can lead to a bypass of CVE-2020-28477 when the user-provided keys used in the path parameter are arrays. In particular, thi ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 17 | Replies: 0
  • CVE-2021-30354
    Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand() and results in a memory corruptio ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 23 | Replies: 0
  • CVE-2021-34435
    In Eclipse Theia 0.3.9 to 1.8.1, the mini-browser extension allows a user to preview HTML files in an iframe inside the IDE. But with the way it is made it is possible for a previewed HTML file to tri ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 20 | Replies: 0
  • CVE-2021-40378
    An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. /cgi-bin/support/killps.cgi deletes all data from the device.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 11 | Replies: 0
  • CVE-2021-40379
    An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. rstp://.../medias2 does not require authorization.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 21 | Replies: 0
  • CVE-2021-40380
    An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. cameralist.cgi and setcamera.cgi disclose credentials.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 24 | Replies: 0
  • CVE-2021-40381
    An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. index_MJpeg.cgi allows video access.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 16 | Replies: 0
  • CVE-2021-40382
    An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. mjpegStreamer.cgi allows video screenshot access.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 27 | Replies: 0
  • CVE-2021-23438
    This affects the package mpath before 0.8.4. A type confusion vulnerability can lead to a bypass of CVE-2018-16490. In particular, the condition ignoreProperties.indexOf(parts) !== -1 returns -1 if pa ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 23 | Replies: 0
  • CVE-2021-30355
    Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 20 | Replies: 0
  • CVE-2020-20340
    A SQL injection vulnerability in the 4.edu.php\conn\function.php component of S-CMS v1.0 allows attackers to access sensitive database information.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 29 | Replies: 0
  • CVE-2020-20341
    YzmCMS v5.5 contains a server-side request forgery (SSRF) in the grab_image() function.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 18 | Replies: 0
  • CVE-2021-39181
    OpenOlat is a web-based learning management system (LMS). Prior to version 15.3.18, 15.5.3, and 16.0.0, using a prepared import XML file (e.g. a course) any class on the Java classpath can be instanti ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 25 | Replies: 0
  • CVE-2021-39185
    Http4s is a minimal, idiomatic Scala interface for HTTP services. In http4s versions 0.21.26 and prior, 0.22.0 through 0.22.2, 0.23.0, 0.23.1, and 1.0.0-M1 through 1.0.0-M24, the default CORS configur ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 24 | Replies: 0
  • CVE-2021-39186
    GlobalNewFiles is a MediaWiki extension maintained by Miraheze. Prior to commit number cee254e1b158cdb0ddbea716b1d3edc31fa4fb5d, the username column of the GlobalNewFiles special page is vulnerable to ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 19 | Replies: 0
  • CVE-2021-40385
    An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is a privilege escalation from read-only user to admin.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 21 | Replies: 0
  • CVE-2021-40387
    An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 23 | Replies: 0
  • CVE-2020-20343
    WTCMS 1.0 contains a cross-site request forgery (CSRF) vulnerability in the index.php?g=adminm=nava=add_post component that allows attackers to arbitrarily add articles in the administrator background ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 17 | Replies: 0
  • CVE-2020-20344
    WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the keyword search function under the background articles module.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 31 | Replies: 0
  • CVE-2020-20345
    WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the page management background which allows attackers to obtain cookies via a crafted payload entered into the search box.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 16 | Replies: 0
  • CVE-2020-20347
    WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the source field under the article management module.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 18 | Replies: 0
  • CVE-2020-20348
    WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link field under the background menu management module.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 24 | Replies: 0
  • CVE-2020-20349
    WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link address field under the background links module.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 23 | Replies: 0
  • CVE-2021-39115
    Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with Jira Administrators access to execute arbitrary Java code or run arbitrary system commands via ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 19 | Replies: 0
  • CVE-2021-39119
    Affected versions of Atlassian Jira Server and Data Center allow users who have watched an issue to continue receiving updates on the issue even after their Jira account is revoked, via a Broken Acces ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 19 | Replies: 0
  • CVE-2021-31797
    The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is susceptible to a local host race condition, leading to password disclosure.
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 18 | Replies: 0
  • CVE-2021-31796
    An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure. An attacker may realistically have enough information that the number ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 17 | Replies: 0
  • CVE-2021-31798
    The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1 has low entropy, and under certain conditions a local malicious user can obtain the plaintext of cache f ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 19 | Replies: 0
  • CVE-2021-34732
    A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 13 | Replies: 0
  • CVE-2021-34733
    A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, local attacker to access sensitive information stored on the ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 19 | Replies: 0
  • CVE-2021-34746
    A vulnerability in the TACACS+ authentication, authorization and accounting (AAA) feature of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to byp ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 13 | Replies: 0
  • CVE-2021-34759
    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross- ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 28 | Replies: 0
  • CVE-2021-34765
    A vulnerability in the web UI for Cisco Nexus Insights could allow an authenticated, remote attacker to view and download files related to the web application. The attacker requires valid device crede ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 19 | Replies: 0
  • CVE-2021-3757
    immer is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:38 | Views: 9 | Replies: 0
