CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2020-28405

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to change the privileges of any user of the application. This can be us ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：46 | 回复：0
CVE-2020-28406

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access details about jobs he should not have access to via the Audit ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：57 | 回复：0
CVE-2020-29004

The API in the Push extension for MediaWiki through 1.35 did not require an edit token in ApiPushBase.php and therefore facilitated a CSRF attack.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：35 | 回复：0
CVE-2020-29005

The API in the Push extension for MediaWiki through 1.35 used cleartext for ApiPush credentials, allowing for potential information disclosure.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：31 | 回复：0
CVE-2020-29535

Archer before 6.8 P4 (6.8.0.4) contains a stored XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：36 | 回复：0
CVE-2020-29536

Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability. A remote authenticated malicious attacker with access to service files may obtain sensitive information to use it in furthe ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：39 | 回复：0
CVE-2020-29537

Archer before 6.8 P2 (6.8.0.2) is affected by an open redirect vulnerability. A remote privileged attacker may potentially redirect legitimate users to arbitrary web sites and conduct phishing attacks ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：45 | 回复：0
CVE-2020-29538

Archer before 6.9 P1 (6.9.0.1) contains an improper access control vulnerability in an API. A remote authenticated malicious administrative user can potentially exploit this vulnerability to gather in ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：47 | 回复：0
CVE-2020-29603

In manage_proj_edit_page.php in MantisBT before 2.24.4, any unprivileged logged-in user can retrieve Private Projects' names via the manage_proj_edit_page.php project_id parameter, without having ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：37 | 回复：0
CVE-2020-29604

An issue was discovered in MantisBT before 2.24.4. A missing access check in bug_actiongroup.php allows an attacker (with rights to create new issues) to use the COPY group action to create a clone, i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：68 | 回复：0
CVE-2020-29605

An issue was discovered in MantisBT before 2.24.4. Due to insufficient access-level checks, any logged-in user allowed to perform Group Actions can get access to the Summary fields of private Issues v ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：39 | 回复：0
CVE-2020-35145

Acronis True Image for Windows prior to 2021 Update 3 allowed local privilege escalation due to a DLL hijacking vulnerability in multiple components, aka an Untrusted Search Path issue.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：37 | 回复：0
CVE-2020-35547

A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an unauthenticated attacker to gain access (view and modify) to user data.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：37 | 回复：0
CVE-2021-3176

The chat window of the Mitel BusinessCTI Enterprise (MBC-E) Client for Windows before 6.4.15 and 7.x before 7.1.2 could allow an attacker to gain access to user information by sending certain code, du ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：41 | 回复：0
CVE-2020-35652

An issue was discovered in res_pjsip_diversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：45 | 回复：0
CVE-2021-25123

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL58 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：39 | 回复：0
CVE-2021-25909

ZIV Automation 4CCT-EA6-334126BF firmware version 3.23.80.27.36371, allows an unauthenticated, remote attacker to cause a denial of service condition on the device. An attacker could exploit this vuln ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：48 | 回复：0
CVE-2021-25910

Improper Authentication vulnerability in the cookie parameter of ZIV AUTOMATION 4CCT-EA6-334126BF allows a local attacker to perform modifications in several parameters of the affected device as an au ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：38 | 回复：0
CVE-2021-20586

Resource management errors vulnerability in a robot controller of MELFA FR Series(controller CR800-*V*D of RV-*FR***-D-* all versions, controller CR800-*HD of RH-*FRH***-D-* all versions, controller C ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：41 | 回复：0
CVE-2021-3345

_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. It is recommended to upgrade to 1.9.1 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：73 | 回复：0
CVE-2021-23328

This affects all versions of package iniparserjs. This vulnerability relates when ini_parser.js is concentrating arrays. Depending on if user input is provided, an attacker can overwrite and pollute t ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：43 | 回复：0
CVE-2021-3346

Foris before 101.1.1, as used in Turris OS, lacks certain HTML escaping in the login template.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：47 | 回复：0
CVE-2021-3347

An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce14 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：51 | 回复：0
CVE-2020-24664

The dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript co ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：27 | 回复：0
CVE-2020-24665

The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains an XML Entity Expansion injection vulnerability, which allows an authenticated remote users to trigger a denial of service (D ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：39 | 回复：0
CVE-2020-24666

The Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x contains a stored Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：33 | 回复：0
CVE-2020-24669

The New Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x contains a DOM-based Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：40 | 回复：0
CVE-2020-24670

The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript co ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：42 | 回复：0
CVE-2021-25124

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL58 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：53 | 回复：0
CVE-2021-25125

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL58 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：47 | 回复：0
CVE-2021-25126

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL58 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：36 | 回复：0
CVE-2021-25127

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL58 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：23 | 回复：0
CVE-2021-25128

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL58 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：39 | 回复：0
CVE-2021-25129

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL58 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：33 | 回复：0
CVE-2021-25130

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL58 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：33 | 回复：0
CVE-2021-25131

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL58 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：36 | 回复：0
CVE-2021-25132

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL58 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：40 | 回复：0
CVE-2021-25133

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL58 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：36 | 回复：0
CVE-2021-25134

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL58 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：40 | 回复：0
CVE-2021-25135

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL58 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:54 | 阅读：38 | 回复：0