• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞CVE漏洞

CVE漏洞

RSS
  • CVE-2021-27642
    CVE-2021-27642
    SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:12 | 回复:0
  • CVE-2021-27643
    CVE-2021-27643
    SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:21 | 回复:0
  • CVE-2021-31832
    CVE-2021-31832
    Improper Neutralization of Input in the ePO administrator extension for McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a remote ePO DLP administrator to inject JavaScr ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:7 | 回复:0
  • CVE-2021-31837
    CVE-2021-31837
    Memory corruption vulnerability in the driver file component in McAfee GetSusp prior to 4.0.0 could allow a program being investigated on the local machine to trigger a buffer overflow in GetSusp, lea ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:6 | 回复:0
  • CVE-2021-33659
    CVE-2021-33659
    SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated GIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:10 | 回复:0
  • CVE-2021-33660
    CVE-2021-33660
    SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FLI file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:14 | 回复:0
  • CVE-2021-33661
    CVE-2021-33661
    SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailab ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:11 | 回复:0
  • CVE-2021-33662
    CVE-2021-33662
    Under certain conditions, the installation of SAP Business One, version - 10.0, discloses sensitive information on the file system allowing an attacker to access information which would otherwise be r ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:13 | 回复:0
  • CVE-2021-33663
    CVE-2021-33663
    SAP NetWeaver AS ABAP, versions - KRNL32NUC - 7.22,7.22EXT, KRNL32UC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77, ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:6 | 回复:0
  • CVE-2021-33664
    CVE-2021-33664
    SAP NetWeaver Application Server ABAP (Applications based on Web Dynpro ABAP), versions - SAP_UI - 750,752,753,754,755, SAP_BASIS - 702, 731 does not sufficiently encode user-controlled inputs, result ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:7 | 回复:0
  • CVE-2021-33665
    CVE-2021-33665
    SAP NetWeaver Application Server ABAP (Applications based on SAP GUI for HTML), versions - KRNL64NUC - 7.49, KRNL64UC - 7.49,7.53, KERNEL - 7.49,7.53,7.77,7.81,7.84, does not sufficiently encode user- ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:8 | 回复:0
  • CVE-2021-33666
    CVE-2021-33666
    When SAP Commerce Cloud version 100, hosts a JavaScript storefront, it is vulnerable to MIME sniffing, which, in certain circumstances, could be used to facilitate an XSS attack or malware proliferati ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:11 | 回复:0
  • CVE-2021-33669
    CVE-2021-33669
    Under certain conditions, SAP Mobile SDK Certificate Provider allows a local unprivileged attacker to exploit an insecure temporary file storage. For a successful exploitation user interaction from an ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:8 | 回复:0
  • CVE-2020-15381
    CVE-2020-15381
    Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:9 | 回复:0
  • CVE-2020-15382
    CVE-2020-15382
    Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak password ‘passw0rd’ if a password is not provided for PostgreSQL at install-time.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:15 | 回复:0
  • CVE-2020-15383
    CVE-2020-15383
    Running security scans against the SAN switch can cause config and secnotify processes within the firmware before Brocade Fabric OS v9.0.0, v8.2.2d and v8.2.1e to consume all memory leading to denial ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:14 | 回复:0
  • CVE-2020-27384
    CVE-2020-27384
    The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an Authenticated User to modify the existing executable file with a bi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:6 | 回复:0
  • CVE-2021-23847
    CVE-2021-23847
    A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted request ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:6 | 回复:0
  • CVE-2021-23848
    CVE-2021-23848
    An error in the URL handler Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. An attacker with knowledge of the camera address can send a crafted link to ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:13 | 回复:0
  • CVE-2021-23852
    CVE-2021-23852
    An authenticated attacker with administrator rights Bosch IP cameras can call an URL with an invalid parameter that causes the camera to become unresponsive for a few seconds and cause a Denial of Ser ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:22 | 回复:0
  • CVE-2021-23853
    CVE-2021-23853
    In Bosch IP cameras, improper validation of the HTTP header allows an attacker to inject arbitrary HTTP headers through crafted URLs.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:23 | 回复:0
  • CVE-2021-23854
    CVE-2021-23854
    An error in the handling of a page parameter in Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. This issue only affects versions 7.7x and 7.6x. All othe ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:15 | 回复:0
  • CVE-2021-29995
    CVE-2021-29995
    A Cross Site Request Forgery (CSRF) issue in Server Console in CloverDX through 5.9.0 allows remote attackers to execute any action as the logged-in user (including script execution). The issue is res ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:17 | 回复:0
  • CVE-2021-30133
    CVE-2021-30133
    A cross-site scripting (XSS) vulnerability in CloverDX Server 5.9.0, CloverDX 5.8.1, CloverDX 5.7.0, and earlier allows remote attackers to inject arbitrary web script or HTML via the sessionToken par ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:8 | 回复:0
  • CVE-2021-3196
    CVE-2021-3196
    An issue was discovered in Hitachi ID Bravura Security Fabric 11.0.0 through 11.1.3, 12.0.0 through 12.0.2, and 12.1.0. When using federated identity management (authenticating via SAML through a thir ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:7 | 回复:0
  • CVE-2020-15377
    CVE-2020-15377
    Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to arbitrary hosts due to a misconfiguration; this is commonly referred to as Server-Side Request Forgery ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:18 | 回复:0
  • CVE-2020-15378
    CVE-2020-15378
    The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:15 | 回复:0
  • CVE-2020-15379
    CVE-2020-15379
    Brocade SANnav before v.2.1.0a could allow remote attackers cause a denial-of-service condition due to a lack of proper validation, of the length of user-supplied data as name for custom field name.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:11 | 回复:0
  • CVE-2020-15380
    CVE-2020-15380
    Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:16 | 回复:0
  • CVE-2020-15384
    CVE-2020-15384
    Brocade SANNav before version 2.1.1 contains an information disclosure vulnerability. Successful exploitation of internal server information in the initial login response header.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:13 | 回复:0
  • CVE-2020-15385
    CVE-2020-15385
    Brocade SANnav before version 2.1.1 allows an authenticated attacker to list directories, and list files without permission. As a result, users without permission can see folders, and hidden files, an ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:14 | 回复:0
  • CVE-2020-15386
    CVE-2020-15386
    Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2.2d may observe high CPU load during security scanning, which could lead to a slower response to CLI commands and other operations ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:9 | 回复:0
  • CVE-2020-15387
    CVE-2020-15387
    The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to ma ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:18 | 回复:0
  • CVE-2021-32942
    CVE-2021-32942
    The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:43 | 回复:0
  • CVE-2021-32677
    CVE-2021-32677
    FastAPI is a web framework for building APIs with Python 3.6+ based on standard Python type hints. FastAPI versions lower than 0.65.2 that used cookies for authentication in path operations that recei ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:21 | 回复:0
  • CVE-2021-33356
    CVE-2021-33356
    Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in rem ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:6 | 回复:0
  • CVE-2021-33357
    CVE-2021-33357
    A vulnerability exists in RaspAP 2.6 to 2.6.5 in the iface GET parameter in /ajax/networking/get_netcfg.php, when the iface parameter value contains special characters such as ; which enables an unaut ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:7 | 回复:0
  • CVE-2021-33358
    CVE-2021-33358
    Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the interface, ssid and wpa_passphrase POST parameters in /hostapd, when the parameter values contain special characters such as ; or $() which ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:6 | 回复:0
  • CVE-2021-33359
    CVE-2021-33359
    A vulnerability exists in gowitness 2.3.6 that allows an unauthenticated attacker to perform an arbitrary file read using the file:// scheme in the url parameter to get an image of any file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:12 | 回复:0
  • CVE-2021-33833
    CVE-2021-33833
    ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA).……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:45 | 阅读:17 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap