• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

CVE漏洞

RSS
  • CVE-2021-36035
    CVE-2021-36035
    Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges could make a ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:26 | 回复:0
  • CVE-2021-36037
    CVE-2021-36037
    Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper improper authorization vulnerability. An authenticated attacker could leverage ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:34 | 回复:0
  • CVE-2021-36038
    CVE-2021-36038
    Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the Multishipping Module. An authenticated a ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:22 | 回复:0
  • CVE-2021-36039
    CVE-2021-36039
    Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability via the `quoteId` parameter. An attacker can ab ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:29 | 回复:0
  • CVE-2021-36040
    CVE-2021-36040
    Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges can upload a ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:14 | 回复:0
  • CVE-2021-36041
    CVE-2021-36041
    Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges could upload ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:23 | 回复:0
  • CVE-2021-36042
    CVE-2021-36042
    Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the API File Option Upload Extension. An att ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:21 | 回复:0
  • CVE-2021-36043
    CVE-2021-36043
    Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a blind SSRF vulnerability in the bundled dotmailer extension. An attacker with admin priv ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:6 | 回复:0
  • CVE-2021-36044
    CVE-2021-36044
    Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An unauthenticated attacker could abuse this v ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:9 | 回复:0
  • CVE-2021-36045
    CVE-2021-36045
    XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to by ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:20 | 回复:0
  • CVE-2021-36046
    CVE-2021-36046
    XMP Toolkit version 2020.1 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is req ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:17 | 回复:0
  • CVE-2021-36047
    CVE-2021-36047
    XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitatio ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:11 | 回复:0
  • CVE-2021-36048
    CVE-2021-36048
    XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitatio ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:15 | 回复:0
  • CVE-2021-36049
    CVE-2021-36049
    Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the c ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:11 | 回复:0
  • CVE-2021-36050
    CVE-2021-36050
    XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:13 | 回复:0
  • CVE-2021-36052
    CVE-2021-36052
    XMP Toolkit version 2020.1 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is req ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:13 | 回复:0
  • CVE-2021-36053
    CVE-2021-36053
    XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to by ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:6 | 回复:0
  • CVE-2021-36054
    CVE-2021-36054
    XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in local application denial of service in the context of the current user. Exploitatio ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:14 | 回复:0
  • CVE-2021-36055
    CVE-2021-36055
    XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issu ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:22 | 回复:0
  • CVE-2021-36056
    CVE-2021-36056
    XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:11 | 回复:0
  • CVE-2021-36057
    CVE-2021-36057
    XMP Toolkit SDK version 2020.1 (and earlier) is affected by a write-what-where condition vulnerability caused during the application's memory allocation process. This may cause the memory manageme ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:10 | 回复:0
  • CVE-2020-20675
    CVE-2020-20675
    Nuishop v2.3 contains a SQL injection vulnerability in /goods/getGoodsListByConditions/.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:21 | 回复:0
  • CVE-2021-39167
    CVE-2021-39167
    OpenZepplin is a library for smart contract development. In affected versions a vulnerability in TimelockController allowed an actor with the executor role to escalate privileges. Further details abou ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:12 | 回复:0
  • CVE-2021-39168
    CVE-2021-39168
    OpenZepplin is a library for smart contract development. In affected versions a vulnerability in TimelockController allowed an actor with the executor role to escalate privileges. Further details abou ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:25 | 回复:0
  • CVE-2021-40142
    CVE-2021-40142
    In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:23 | 回复:0
  • CVE-2021-35342
    CVE-2021-35342
    The useradm service 1.14.0 (in Northern.tech Mender Enterprise 2.7.x before 2.7.1) and 1.13.0 (in Northern.tech Mender Enterprise 2.6.x before 2.6.1) allows users to access the system with their JWT t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:13 | 回复:0
  • CVE-2021-39169
    CVE-2021-39169
    Misskey is a decentralized microblogging platform. In versions of Misskey prior to 12.51.0, malicious actors can use the web client built-in dialog to display a malicious string, leading to cross-site ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:13 | 回复:0
  • CVE-2021-40153
    CVE-2021-40153
    squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not valid ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:30 | 回复:0
  • CVE-2021-29744
    CVE-2021-29744
    IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functiona ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:29 | 回复:0
  • CVE-2021-36530
    CVE-2021-36530
    ngiflib 0.4 has a heap overflow in GetByteStr() at ngiflib.c:108 in NGIFLIB_NO_FILE mode, GetByteStr() copy memory buffer without checking the boundary.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:14 | 回复:0
  • CVE-2021-36531
    CVE-2021-36531
    ngiflib 0.4 has a heap overflow in GetByte() at ngiflib.c:70 in NGIFLIB_NO_FILE mode, GetByte() reads memory buffer without checking the boundary.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:26 | 回复:0
  • CVE-2021-23434
    CVE-2021-23434
    This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:13 | 回复:0
  • CVE-2020-23226
    CVE-2020-23226
    Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:14 | 回复:0
  • CVE-2021-32758
    CVE-2021-32758
    OpenMage Magento LTS is an alternative to the Magento CE official releases. Prior to versions 19.4.15 and 20.0.11, layout XML enabled admin users to execute arbitrary commands via block methods. The l ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:18 | 回复:0
  • CVE-2020-18998
    CVE-2020-18998
    Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/custom/blog-plugin/add'.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:31 | 回复:0
  • CVE-2020-18999
    CVE-2020-18999
    Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/submit-articles'.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:26 | 回复:0
  • CVE-2020-19000
    CVE-2020-19000
    Cross Site Scripting (XSS) in Simiki v1.6.2.1 and prior allows remote attackers to execute arbitrary code via line 54 of the component 'simiki/blob/master/simiki/generators.py'.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:25 | 回复:0
  • CVE-2020-19001
    CVE-2020-19001
    Command Injection in Simiki v1.6.2.1 and prior allows remote attackers to execute arbitrary system commands via line 64 of the component 'simiki/blob/master/simiki/config.py'.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:8 | 回复:0
  • CVE-2020-19002
    CVE-2020-19002
    Cross Site Scripting (XSS) in Mezzanine v4.3.1 allows remote attackers to execute arbitrary code via the 'Description' field of the component 'admin/blog/blogpost/add/'. This issue is ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:7 | 回复:0
  • CVE-2021-28233
    CVE-2021-28233
    Heap-based Buffer Overflow vulnerability exists in ok-file-formats 1 via the ok_jpg_generate_huffman_table function in ok_jpg.c.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:37 | 阅读:12 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap