CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2020-15754

** REJECT ** Unused CVE for 2020.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：28 | 回复：0
CVE-2020-15755

** REJECT ** Unused CVE for 2020.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：31 | 回复：0
CVE-2020-15756

** REJECT ** Unused CVE for 2020.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：29 | 回复：0
CVE-2020-15757

** REJECT ** Unused CVE for 2020.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：30 | 回复：0
CVE-2020-15758

** REJECT ** Unused CVE for 2020.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：44 | 回复：0
CVE-2020-15759

** REJECT ** Unused CVE for 2020.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：23 | 回复：0
CVE-2020-15760

** REJECT ** Unused CVE for 2020.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：29 | 回复：0
CVE-2020-15761

** REJECT ** Unused CVE for 2020.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：28 | 回复：0
CVE-2020-15762

** REJECT ** Unused CVE for 2020.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：32 | 回复：0
CVE-2020-15763

** REJECT ** Unused CVE for 2020.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：37 | 回复：0
CVE-2020-15764

** REJECT ** Unused CVE for 2020.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：29 | 回复：0
CVE-2020-15765

** REJECT ** Unused CVE for 2020.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：23 | 回复：0
CVE-2020-15766

** REJECT ** Unused CVE for 2020.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：24 | 回复：0
CVE-2020-28873

Fluxbb 1.5.11 is affected by a denial of service (DoS) vulnerability by sending an extremely long password via the user login form. When a long password is sent, the password hashing process will resu ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：38 | 回复：0
CVE-2020-8106

** REJECT ** Unused CVE for 2020.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：50 | 回复：0
CVE-2020-8111

** REJECT ** Unused CVE for 2020.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：40 | 回复：0
CVE-2021-27291

In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity an ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：44 | 回复：0
CVE-2021-27292

ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：30 | 回复：0
CVE-2020-14358

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：28 | 回复：0
CVE-2020-35454

The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from an Android backup because of insecure application configuration.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：36 | 回复：0
CVE-2020-35455

The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from Shared Preferences and the SQLite database because of insecure data storage.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：26 | 回复：0
CVE-2020-35456

The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to view private chat messages and media files via logcat because of excessive logging.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：29 | 回复：0
CVE-2021-20200

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：34 | 回复：0
CVE-2021-28660

rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the -ssid array. NOTE: from the perspective of kernel.org releases ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：35 | 回复：0
CVE-2020-17457

Fujitsu ServerView Suite iRMC before 9.62F allows XSS. An authenticated attacker can store an XSS payload in the PSCU_FILE_INIT field of a Save Configuration XML document. The payload is triggered in ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：29 | 回复：0
CVE-2019-18231

Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：29 | 回复：0
CVE-2019-18233

In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：29 | 回复：0
CVE-2019-18235

Advantech Spectre RT ERT351 Versions 5.1.3 and prior has insufficient login authentication parameters required for the web application may allow an attacker to gain full access using a brute-force pas ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：31 | 回复：0
CVE-2021-20624

Improper access control vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.4 allows an authenticated attacker to bypass access restriction and alter the data of Scheduler via unspecified vecto ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：31 | 回复：0
CVE-2021-20625

Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows an authenticated attacker to bypass access restriction and alter the data of Bulletin Board via unspeci ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：35 | 回复：0
CVE-2021-20626

Improper access control vulnerability in Workflow of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and alter the data of Workflow via unspecified vectors.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：35 | 回复：0
CVE-2021-20627

Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：32 | 回复：0
CVE-2021-20628

Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Note that this vulnerability occurs ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：36 | 回复：0
CVE-2020-3691

Possible out of bound memory access in audio due to integer underflow while processing modified contents in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapd ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：24 | 回复：0
CVE-2020-26285

OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, there is a vulnerability which enables remote code execution. In affected versions an administ ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：32 | 回复：0
CVE-2020-26295

OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, an administrator with permission to import/export data and to edit cms pages was able to injec ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：22 | 回复：0
CVE-2020-4958

IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. IBM ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：28 | 回复：0
CVE-2020-4966

IBM Security Identity Governance and Intelligence 5.2.6 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:/ ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：27 | 回复：0
CVE-2020-4968

IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192427.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：21 | 回复：0
CVE-2020-4969

IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attac ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：25 | 回复：0