漏洞 - 第152页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2022-21422

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). Supported versions that are affected are 12.0.0 ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：86 | 回复：0
CVE漏洞

CVE-2022-21421

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). Supported versions that are affected are 5.5.0.0.0, 5.9.0.0 ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：81 | 回复：0
CVE漏洞

CVE-2022-21420

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerab ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：61 | 回复：0
CVE漏洞

CVE-2022-21419

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Visual Analyzer). Supported versions that are affected are 5.5.0.0.0 and 5.9.0.0.0. ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：46 | 回复：0
CVE漏洞

CVE-2022-21418

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged atta ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：31 | 回复：0
CVE漏洞

CVE-2022-21417

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows h ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：32 | 回复：0
CVE漏洞

CVE-2022-21416

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with l ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：33 | 回复：0
CVE漏洞

CVE-2022-21415

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high priv ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：26 | 回复：0
CVE漏洞

CVE-2022-21414

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privil ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：34 | 回复：0
CVE漏洞

CVE-2022-21413

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：37 | 回复：0
CVE漏洞

CVE-2022-21412

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privil ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：39 | 回复：0
CVE漏洞

CVE-2022-21411

Vulnerability in the RDBMS Gateway / Generic ODBC Connectivity component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability all ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：42 | 回复：0
CVE漏洞

CVE-2022-21410

Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. The supported version that is affected is 19c. Easily exploitable vulnerability allows high priv ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：53 | 回复：0
CVE漏洞

CVE-2022-21409

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime). The supported version that is affected is Prior to 9.2.6.3. Easily exploitable vulnerability ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：53 | 回复：0
CVE漏洞

CVE-2022-21405

Vulnerability in the OSS Support Tools product of Oracle Support Tools (component: Oracle Explorer). The supported version that is affected is 18.3. Easily exploitable vulnerability allows high privil ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：41 | 回复：0
CVE漏洞

CVE-2022-21404

Vulnerability in the Helidon product of Oracle Fusion Middleware (component: Reactive WebServer). Supported versions that are affected are 1.4.10 and 2.0.0-RC1. Difficult to exploit vulnerability allo ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：36 | 回复：0
CVE漏洞

CVE-2022-1385

Mattermost 6.4.x and earlier fails to properly invalidate pending email invitations when the action is performed from the system console, which allows accidentally invited users to join the workspace ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：53 | 回复：0
CVE漏洞

CVE-2022-1384

Mattermost version 6.4.x and earlier fails to properly check the plugin version when a plugin is installed from the Marketplace, which allows an authenticated and an authorized user to install and exp ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：66 | 回复：0
CVE漏洞

CVE-2022-1329

The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php fil ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：87 | 回复：0
CVE漏洞

CVE-2022-1187

The WordPress WP YouTube Live Plugin is vulnerable to Reflected Cross-Site Scripting via POST data found in the ~/inc/admin.php file which allows unauthenticated attackers to inject arbitrary web scri ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：142 | 回复：0
CVE漏洞

CVE-2022-1186

The WordPress plugin Be POPIA Compliant exposed sensitive information to unauthenticated users consisting of site visitors emails and usernames via an API route, in versions up to an including 1.1.5.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：106 | 回复：0
CVE漏洞

CVE-2022-1119

The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the ~/includes/ee-downloader.php file due to missing controls which makes it possible u ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：127 | 回复：0
CVE漏洞

CVE-2022-1019

Automated Logic's WebCtrl Server Version 6.1 'Help' index pages are vulnerable to open redirection. The vulnerability allows an attacker to send a maliciously crafted URL which could resul ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：259 | 回复：0
CVE漏洞

CVE-2022-0993

The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on the 2FA ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：114 | 回复：0
CVE漏洞

CVE-2022-0992

The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on initial ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：75 | 回复：0
CVE漏洞

CVE-2021-4096

The Fancy Product Designer plugin for WordPress is vulnerable to Cross-Site Request Forgery via the FPD_Admin_Import class that makes it possible for attackers to upload malicious files that could be ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：58 | 回复：0
CVE漏洞

CVE-2021-26627

Real-time image information exposure is caused by insufficient authentication for activated RTSP port. This vulnerability could allow to remote attackers to send the RTSP requests using ffplay command ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：73 | 回复：0
CVE漏洞

CVE-2021-26626

Improper input validation vulnerability in XPLATFORM's execBrowser method can cause execute arbitrary commands. IF the second parameter value of the execBrowser function is ‘default’, the first ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：81 | 回复：0
CVE漏洞

CVE-2021-26625

Insufficient Verification of input Data leading to arbitrary file download and execute was discovered in Nexacro platform. This vulnerability is caused by an automatic update function that does not ve ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：77 | 回复：0
CVE漏洞

CVE-2021-23283

Eaton Intelligent Power Protector (IPP) prior to version 1.69 is vulnerable to stored Cross Site Scripting. The vulnerability exists due to insufficient validation of user input and improper encoding ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：114 | 回复：0
CVE漏洞

CVE-2022-24825

Smokescreen is a simple HTTP proxy that fogs over naughty URLs. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the b ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：133 | 回复：0
CVE漏洞

CVE-2022-27104

An Unauthenticated time-based blind SQL injection vulnerability exists in Forma LMS prior to v.1.4.3.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：92 | 回复：0
CVE漏洞

CVE-2022-27055

** DISPUTED ** ecjia-daojia 1.38.1-20210202629 is vulnerable to information leakage via content/apps/installer/classes/Helper.php. When the web program is installed, a new environment file is created, ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：159 | 回复：0
CVE漏洞

CVE-2022-25648

The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to t ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：136 | 回复：0
CVE漏洞

CVE-2021-39078

IBM Security Guardium 10.5 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215589.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：65 | 回复：0
CVE漏洞

CVE-2021-39076

IBM Security Guardium 10.5 and 11.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 215585.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：49 | 回复：0
CVE漏洞

CVE-2021-39072

IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulner ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：53 | 回复：0
CVE漏洞

CVE-2021-39033

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message i ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：57 | 回复：0
CVE漏洞

CVE-2022-29153

HashiCorp Consul and Consul Enterprise through 2022-04-12 allow SSRF.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-44519

In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Directory Traversal vulnerability, leading to remote code execution.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:16 | 阅读：32 | 回复：0