• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞CVE漏洞

CVE漏洞

RSS
  • CVE-2020-29453
    CVE-2020-29453
    The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center before version 8.5.11, from 8.6.0 before 8.13.3, and from 8.14.0 before 8.15.0 allowed unauthenticated remote attackers ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:27 | 回复:0
  • CVE-2020-36232
    CVE-2020-36232
    The MessageBundleWhiteList class of atlassian-gadgets before version 4.2.37, from version 4.3.0 before 4.3.14, from version 4.3.2.0 before 4.3.2.4, from version 4.4.0 before 4.4.12, and from version 5 ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:28 | 回复:0
  • CVE-2021-26068
    CVE-2021-26068
    An endpoint in Atlassian Jira Server for Slack plugin from version 0.0.3 before version 2.0.15 allows remote attackers to execute arbitrary code via a template injection vulnerability.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:38 | 回复:0
  • CVE-2021-26724
    CVE-2021-26724
    OS Command Injection vulnerability when changing date settings or hostname using web GUI of Nozomi Networks Guardian and CMC allows authenticated administrators to perform remote code execution. This ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:44 | 回复:0
  • CVE-2021-26725
    CVE-2021-26725
    Path Traversal vulnerability when changing timezone using web GUI of Nozomi Networks Guardian, CMC allows an authenticated administrator to read-protected system files. This issue affects: Nozomi Netw ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:40 | 回复:0
  • CVE-2021-21149
    CVE-2021-21149
    Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:43 | 回复:0
  • CVE-2021-21150
    CVE-2021-21150
    Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:54 | 回复:0
  • CVE-2021-21151
    CVE-2021-21151
    Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:40 | 回复:0
  • CVE-2021-21152
    CVE-2021-21152
    Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:23 | 回复:0
  • CVE-2021-21153
    CVE-2021-21153
    Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:36 | 回复:0
  • CVE-2021-21154
    CVE-2021-21154
    Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:32 | 回复:0
  • CVE-2021-21155
    CVE-2021-21155
    Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a cr ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:50 | 回复:0
  • CVE-2021-21156
    CVE-2021-21156
    Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:31 | 回复:0
  • CVE-2021-21157
    CVE-2021-21157
    Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:37 | 回复:0
  • CVE-2021-23827
    CVE-2021-23827
    Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps di ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:32 | 回复:0
  • CVE-2021-27189
    CVE-2021-27189
    The CIRA Canadian Shield app before 4.0.13 for iOS lacks SSL Certificate Validation.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:32 | 回复:0
  • CVE-2020-35852
    CVE-2020-35852
    Chatbox is affected by cross-site scripting (XSS). An attacker has to upload any XSS payload with SVG, XML file in Chatbox. There is no restriction on file upload in Chatbox which leads to stored XSS.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:24 | 回复:0
  • CVE-2021-27568
    CVE-2021-27568
    An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatExceptio ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:27 | 回复:0
  • CVE-2020-25690
    CVE-2020-25690
    An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory alloc ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:34 | 回复:0
  • CVE-2020-27768
    CVE-2020-27768
    In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:30 | 回复:0
  • CVE-2020-27819
    CVE-2020-27819
    An issue was discovered in libxls before and including 1.6.1 when reading Microsoft Excel files. A NULL pointer dereference vulnerability exists when parsing XLS cells in libxls/xls2csv.c:199. It coul ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:28 | 回复:0
  • CVE-2020-29075
    CVE-2020-29075
    Acrobat Reader DC versions 2020.013.20066 (and earlier), 2020.001.30010 (and earlier) and 2017.011.30180 (and earlier) are affected by an information exposure vulnerability, that could enable an attac ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:29 | 回复:0
  • CVE-2021-22643
    CVE-2021-22643
    Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:36 | 回复:0
  • CVE-2021-22645
    CVE-2021-22645
    Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:36 | 回复:0
  • CVE-2021-22647
    CVE-2021-22647
    Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:29 | 回复:0
  • CVE-2021-22649
    CVE-2021-22649
    Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 have multiple NULL ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:18 | 回复:0
  • CVE-2020-13697
    CVE-2020-13697
    An issue was discovered in RouterNanoHTTPD.java in NanoHTTPD through 2.3.1. The GeneralHandler class implements a basic GET handler that prints debug information as an HTML page. Any web server that e ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:26 | 回复:0
  • CVE-2020-8902
    CVE-2020-8902
    Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery (SSRF) attack. An attacker can use a specially crafted webpage to force a rendertron headless chrome process to ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:29 | 回复:0
  • CVE-2020-14359
    CVE-2020-14359
    A vulnerability was found in all versions of keycloak, where on using lower case HTTP headers (via cURL) we can bypass our Gatekeeper. Lower case headers are also accepted by some webservers (e.g. Jet ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:30 | 回复:0
  • CVE-2021-20242
    CVE-2021-20242
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-20176. Reason: This candidate is a reservation duplicate of CVE-2021-20176. Notes: All CVE users should reference CVE-2021-20176 ins ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:33 | 回复:0
  • CVE-2020-28429
    CVE-2020-28429
    All versions of package geojson2kml are vulnerable to Command Injection via the index.js file. PoC: var a =require(geojson2kml); a(./, touch JHU,function(){})……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:28 | 回复:0
  • CVE-2021-27550
    CVE-2021-27550
    Polaris Office v9.102.66 is affected by a divide-by-zero error in PolarisOffice.exe and EngineDLL.dll that may cause a local denial of service. To exploit the vulnerability, someone must open a crafte ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:23 | 回复:0
  • CVE-2021-3252
    CVE-2021-3252
    KACO New Energy XP100U Up to XP-JAVA 2.0 is affected by incorrect access control. Credentials will always be returned in plain-text from the local server during the KACO XP100U authentication process, ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:19 | 回复:0
  • CVE-2020-28430
    CVE-2020-28430
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:34 | 回复:0
  • CVE-2020-28431
    CVE-2020-28431
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:43 | 回复:0
  • CVE-2020-28432
    CVE-2020-28432
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:37 | 回复:0
  • CVE-2020-4953
    CVE-2020-4953
    IBM Planning Analytics 2.0 could allow a remote authenticated attacker to obtain information about an organization's internal structure by exposing sensitive information in HTTP repsonses. IBM X-F ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:48 | 回复:0
  • CVE-2020-7847
    CVE-2020-7847
    The ipTIME NAS product allows an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution. This issue affects: pTIME NAS 1.4.36.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:38 | 回复:0
  • CVE-2021-25630
    CVE-2021-25630
    loolforkit is a privileged program that is supposed to be run by a special, non-privileged lool user. Before doing anything else loolforkit checks, if it was invoked by the lool user, and refuses to r ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:25 | 回复:0
  • CVE-2020-16243
    CVE-2020-16243
    Multiple buffer overflow vulnerabilities exist when LeviStudioU (Version 2019-09-21 and prior) processes project files. Opening a specially crafted project file could allow an attacker to exploit and ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:34 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap