• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞CVE漏洞

CVE漏洞

RSS
  • CVE-2020-25161
    CVE-2020-25161
    The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administ ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:44 | 回复:0
  • CVE-2020-26609
    CVE-2020-26609
    fastadmin V1.0.0.20200506_beta contains a cross-site scripting (XSS) vulnerability which may allow an attacker to obtain administrator credentials to log in to the background.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:39 | 回复:0
  • CVE-2021-20226
    CVE-2021-20226
    A use-after-free flaw was found in the io_uring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of v ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:46 | 回复:0
  • CVE-2021-20230
    CVE-2021-20230
    A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:32 | 回复:0
  • CVE-2021-22113
    CVE-2021-22113
    Applications using the “Sensitive Headers” functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the “Sensitive Headers” restriction when executing requ ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:33 | 回复:0
  • CVE-2021-26685
    CVE-2021-26685
    A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management inte ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:33 | 回复:0
  • CVE-2021-20198
    CVE-2021-20198
    A flaw was found in the OpenShift Installer before version v0.9.0-master.0.20210125200451-95101da940b0. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:35 | 回复:0
  • CVE-2021-20220
    CVE-2021-20220
    A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid ch ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:48 | 回复:0
  • CVE-2021-20229
    CVE-2021-20229
    A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat f ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:32 | 回复:0
  • CVE-2021-22651
    CVE-2021-22651
    When loading a specially crafted file, Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR ve ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:33 | 回复:0
  • CVE-2021-26678
    CVE-2021-26678
    A remote unauthenticated stored cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web- ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:41 | 回复:0
  • CVE-2021-26681
    CVE-2021-26681
    A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass CLI could al ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:26 | 回复:0
  • CVE-2021-26682
    CVE-2021-26682
    A remote reflected cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the guest portal inte ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:32 | 回复:0
  • CVE-2021-26683
    CVE-2021-26683
    A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based ma ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:42 | 回复:0
  • CVE-2021-26684
    CVE-2021-26684
    A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based ma ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:23 | 回复:0
  • CVE-2021-26686
    CVE-2021-26686
    A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management inte ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:35 | 回复:0
  • CVE-2021-26926
    CVE-2021-26926
    A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:55 | 回复:0
  • CVE-2021-27579
    CVE-2021-27579
    Snow Inventory Agent through 6.7.0 on Windows uses CPUID to report on processor types and versions that may be deployed and in use across an IT environment. A privilege-escalation vulnerability exists ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:47 | 回复:0
  • CVE-2021-27582
    CVE-2021-27582
    org/mitre/oauth2/web/OAuthConfirmationController.java in the OpenID Connect server implementation for MITREid Connect through 1.3.3 contains a Mass Assignment (aka Autobinding) vulnerability. This ari ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:42 | 回复:0
  • CVE-2020-27782
    CVE-2020-27782
    A flaw was found in the Undertow AJP connector. Malicious requests and abrupt connection closes could be triggered by an attacker using query strings with non-RFC compliant characters resulting in a d ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:35 | 回复:0
  • CVE-2020-28587
    CVE-2020-28587
    A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:42 | 回复:0
  • CVE-2020-7120
    CVE-2020-7120
    A local authenticated buffer overflow vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in ClearPass OnGuard could allow ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:28 | 回复:0
  • CVE-2020-8297
    CVE-2020-8297
    Nextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability that permits users with a duplicate user identifier to access deck data of a previous deleted user.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:36 | 回复:0
  • CVE-2021-20247
    CVE-2021-20247
    A flaw was found in mbsync before v1.3.5 and v1.4.1. Validations of the mailbox names returned by IMAP LIST/LSUB do not occur allowing a malicious or compromised server to use specially crafted mailbo ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:42 | 回复:0
  • CVE-2021-22112
    CVE-2021-22112
    Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:52 | 回复:0
  • CVE-2021-22882
    CVE-2021-22882
    UniFi Protect before v1.17.1 allows an attacker to use spoofed cameras to perform a denial-of-service attack that may cause the UniFi Protect controller to crash.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:37 | 回复:0
  • CVE-2021-26593
    CVE-2021-26593
    ** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can see all users in the CMS using the API /users/{id}. For each call, they get in response a lot of information about the us ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:46 | 回复:0
  • CVE-2021-26594
    CVE-2021-26594
    ** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can switch to the administrator role (via the PATCH method) without any control by the back end. NOTE: This vulnerability onl ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:41 | 回复:0
  • CVE-2021-26595
    CVE-2021-26595
    ** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can learn sensitive information such as the version of the CMS, the PHP version used by the site, and the name of the DBMS, s ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:41 | 回复:0
  • CVE-2021-26677
    CVE-2021-26677
    A local authenticated escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in ClearPass OnGuard cou ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:34 | 回复:0
  • CVE-2021-26679
    CVE-2021-26679
    A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based ma ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:39 | 回复:0
  • CVE-2021-26680
    CVE-2021-26680
    A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based ma ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:45 | 回复:0
  • CVE-2021-27583
    CVE-2021-27583
    ** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can discover whether a user is present in the database through the password reset feature. NOTE: This vulnerability only affe ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:38 | 回复:0
  • CVE-2021-26927
    CVE-2021-26927
    A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:32 | 回复:0
  • CVE-2021-3405
    CVE-2021-3405
    A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:40 | 回复:0
  • CVE-2021-20182
    CVE-2021-20182
    A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to th ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:47 | 回复:0
  • CVE-2021-20194
    CVE-2021-20194
    There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDE ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:33 | 回复:0
  • CVE-2021-20252
    CVE-2021-20252
    A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries allowing a malicious authenticate ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:30 | 回复:0
  • CVE-2021-20256
    CVE-2021-20256
    A flaw was found in Red Hat Satellite. The BMC interface exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:38 | 回复:0
  • CVE-2021-21323
    CVE-2021-21323
    Brave is an open source web browser with a focus on privacy and security. In Brave versions 1.17.73-1.20.103, the CNAME adblocking feature added in Brave 1.17.73 accidentally initiated DNS requests th ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:48 | 阅读:41 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap