漏洞 - 第101页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2022-0862

A lack of password change protection vulnerability in a depreciated API of McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote attacker to change the password of a com ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：39 | 回复：0
CVE漏洞

CVE-2022-0861

A XML Extended entity vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote administrator attacker to upload a malicious XML file through the extension ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：32 | 回复：0
CVE漏洞

CVE-2022-0859

McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a local attacker to point an ePO server to an arbitrary SQL server during the restoration of the ePO server. To achieve this ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：36 | 回复：0
CVE漏洞

CVE-2022-0858

A cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote attacker to potentially obtain access to an ePO administrator's s ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：27 | 回复：0
CVE漏洞

CVE-2022-0857

A reflected cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote attacker to potentially obtain access to an ePO administrat ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：25 | 回复：0
CVE漏洞

CVE-2022-0886

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-27666. Reason: This candidate is a reservation duplicate of CVE-2022-27666. Notes: All CVE users should reference CVE-2022-27666 ins ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：39 | 回复：0
CVE漏洞

CVE-2022-0842

A blind SQL injection vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote authenticated attacker to potentially obtain information from the ePO databa ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：51 | 回复：0
CVE漏洞

CVE-2021-44759

Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an attacker to create a man in the middle attack. This issue affects Apache Traffic Server 8.0.0 to 8.1.0 ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：56 | 回复：0
CVE漏洞

CVE-2021-44040

Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows an attacker to send invalid requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.3 and 9.0.0 ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：75 | 回复：0
CVE漏洞

CVE-2021-25220

BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S1 9.16.8-S1 - 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, inclu ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：113 | 回复：0
CVE漏洞

CVE-2022-0635

Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：85 | 回复：0
CVE漏洞

CVE-2022-0396

BIND 9.16.11 - 9.16.26, 9.17.0 - 9.18.0 and versions 9.16.11-S1 - 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WA ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：56 | 回复：0
CVE漏洞

CVE-2021-45757

ASUS AC68U =3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause a denial of service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-45756

Asus RT-AC68U 3.0.0.4.385.20633 and RT-AC5300 3.0.0.4.384.82072 are affected by a buffer overflow in blocking_request.cgi.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：31 | 回复：0
CVE漏洞

CVE-2022-1033

Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0.6.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：38 | 回复：0
CVE漏洞

CVE-2022-27666

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap o ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：31 | 回复：0
CVE漏洞

CVE-2022-25518

In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a temporary log table, which allows attackers with database access to read the password of the users who login to the application by ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：25 | 回复：0
CVE漏洞

CVE-2022-26189

TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the langType parameter in the login interface.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：23 | 回复：0
CVE漏洞

CVE-2022-26188

TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via /setting/NTPSyncWithHost.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：40 | 回复：0
CVE漏洞

CVE-2022-26187

TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the pingCheck function.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：30 | 回复：0
CVE漏洞

CVE-2022-26186

TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the exportOvpn interface at cstecgi.cgi.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-33961

A Cross Site Scripting (XSS) vulnerabililty exists in enhanced-github v5.0.11 via the file name parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：41 | 回复：0
CVE漏洞

CVE-2022-1031

Use After Free in op_is_set_bp in GitHub repository radareorg/radare2 prior to 5.6.6.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：21 | 回复：0
CVE漏洞

CVE-2022-26260

Simple-Plist v1.3.0 was discovered to contain a prototype pollution vulnerability via .parse().……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：28 | 回复：0
CVE漏洞

CVE-2022-25517

MyBatis plus v3.4.3 was discovered to contain a SQL injection vulnerability via the Column parameter in /core/conditions/AbstractWrapper.java.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：21 | 回复：0
CVE漏洞

CVE-2022-27228

In the vote (aka Polls, Votes) module before 21.0.100 of Bitrix Site Manager, a remote unauthenticated attacker can execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-41736

Faust v2.35.0 was discovered to contain a heap-buffer overflow in the function realPropagate() at propagate.cpp.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：25 | 回复：0
CVE漏洞

CVE-2022-25484

tcpprep v4.4.1 has a reachable assertion (assert(l2len 0)) in packet2tree() at tree.c in tcpprep v4.4.1.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：22 | 回复：0
CVE漏洞

CVE-2022-24774

CycloneDX BOM Repository Server is a bill of materials (BOM) repository server for distributing CycloneDX BOMs. CycloneDX BOM Repository Server before version 2.0.1 has an improper input validation vu ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：35 | 回复：0
CVE漏洞

CVE-2022-24764

PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the AP ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：35 | 回复：0
CVE漏洞

CVE-2022-21718

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6 ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：41 | 回复：0
CVE漏洞

CVE-2021-43650

WebRun 3.6.0.42 is vulnerable to SQL Injection via the P_0 parameter used to set the username during the login process.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：36 | 回复：0
CVE漏洞

CVE-2022-1036

Able to create an account with long password leads to memory corruption / Integer Overflow in GitHub repository microweber/microweber prior to 1.2.12.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：38 | 回复：0
CVE漏洞

CVE-2022-0667

When the vulnerability is triggered the BIND process will exit. BIND 9.18.0……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：40 | 回复：0
CVE漏洞

CVE-2021-45810

Multiple versions of GlobalProtect-openconnect are affected by incorrect access control in GPService through DBUS, GUI. The way GlobalProtect-Openconnect is set up enables arbitrary users to start a V ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：37 | 回复：0
CVE漏洞

CVE-2021-45809

GlobalProtect-openconnect versions prior to 1.4.3 are affected by incorrect access control in GPService through DBUS, GUI Application. The way GlobalProtect-Openconnect is set up enables arbitrary use ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：56 | 回复：0
CVE漏洞

CVE-2022-1034

There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：36 | 回复：0
CVE漏洞

CVE-2022-0652

Confd log files contain local users', including rootâ€™s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks agai ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：33 | 回复：0
CVE漏洞

CVE-2022-0386

A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：32 | 回复：0
CVE漏洞

CVE-2022-27607

Bento4 1.6.0-639 has a heap-based buffer over-read in the AP4_HvccAtom class, a different issue than CVE-2018-14531.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:55 | 阅读：26 | 回复：0