CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2020-13194

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：13 | 回复：0
CVE-2020-13195

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：18 | 回复：0
CVE-2020-13196

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：14 | 回复：0
CVE-2020-13197

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：21 | 回复：0
CVE-2021-21622

Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：31 | 回复：0
CVE-2020-27224

In Eclipse Theia versions up to and including 1.2.0, the Markdown Preview (@theia/preview), can be exploited to execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：30 | 回复：0
CVE-2020-7836

VOICEYE WSActiveBridgeES versions prior to 2.1.0.3 contains a stack-based buffer overflow vulnerability caused by improper bound checking parameter given by attack. It finally leads to a stack-based b ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：38 | 回复：0
CVE-2021-21972

The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：37 | 回复：0
CVE-2021-21973

The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：37 | 回复：0
CVE-2021-21974

OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：42 | 回复：0
CVE-2021-22667

BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the use of hard-coded credentials, which may allow an attacker to gain unauthorized access and permit the execution of arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：45 | 回复：0
CVE-2020-11987

Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulner ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：35 | 回复：0
CVE-2020-11988

Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：34 | 回复：0
CVE-2020-4931

IBM MQ 9.1 LTS, 9.2 LTS, and 9.1 CD AMQP Channels could allow an authenticated user to cause a denial of service due to an issue processing messages. IBM X-Force ID: 191747.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：41 | 回复：0
CVE-2021-1227

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerab ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：32 | 回复：0
CVE-2021-1228

A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：60 | 回复：0
CVE-2021-1229

A vulnerability in ICMP Version 6 (ICMPv6) processing in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a slow system memory leak, which over time could lead to a denial ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：36 | 回复：0
CVE-2021-1230

A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to c ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：37 | 回复：0
CVE-2021-1231

A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：27 | 回复：0
CVE-2021-1361

A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco N ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：36 | 回复：0
CVE-2021-1367

A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affecte ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：25 | 回复：0
CVE-2021-1368

A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with adm ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：41 | 回复：0
CVE-2021-1387

A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exis ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：34 | 回复：0
CVE-2021-1388

A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：38 | 回复：0
CVE-2021-1393

Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：81 | 回复：0
CVE-2021-1396

Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：34 | 回复：0
CVE-2021-1450

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to cause a denial of service (DoS) condition on ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：31 | 回复：0
CVE-2020-9051

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：35 | 回复：0
CVE-2020-9052

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：52 | 回复：0
CVE-2020-9053

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：30 | 回复：0
CVE-2021-27670

Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：47 | 回复：0
CVE-2021-27671

An issue was discovered in the comrak crate before 0.9.1 for Rust. XSS can occur because the protection mechanism for data: and javascript: URIs is case-sensitive, allowing (for example) Data: to be u ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：28 | 回复：0
CVE-2020-36254

scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：32 | 回复：0
CVE-2020-8032

A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：57 | 回复：0
CVE-2021-21064

Magento UPWARD-php version 1.1.4 (and earlier) is affected by a Path traversal vulnerability in Magento UPWARD Connector version 1.1.2 (and earlier) due to the upload feature. An attacker could potent ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：56 | 回复：0
CVE-2021-21065

Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when parsing TTF files that could result in arbitrary code execution in the context of the current user. Exp ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：32 | 回复：0
CVE-2021-21066

Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when parsing TTF files that could result in arbitrary code execution in the context of the current user. Exp ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：38 | 回复：0
CVE-2021-3273

Nagios XI below 5.7 is affected by code injection in the /nagiosxi/admin/graphtemplates.php component. To exploit this vulnerability, someone must have an admin user account in Nagios XI's web sys ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：35 | 回复：0
CVE-2021-3124

Stored cross-site scripting (XSS) in form field in robust.systems product Custom Global Variables v 1.0.5 allows a remote attacker to inject arbitrary code via the vars field.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：33 | 回复：0
CVE-2020-23534

A server-side request forgery (SSRF) vulnerability in Upgrade.php of gopeak masterlab 2.1.5, via the 'source' parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:49 | 阅读：39 | 回复：0