漏洞 - 第163页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-21956

A php unserialize vulnerability exists in the Ai-Bolit functionality of CloudLinux Inc Imunify360 5.10.2. A specially-crafted malformed file can lead to potential arbitrary command execution. An attac ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：59 | 回复：0
CVE漏洞

CVE-2021-21949

An improper array index validation vulnerability exists in the JPEG-JFIF Scan header parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to an out-of-bounds write and p ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：71 | 回复：0
CVE漏洞

CVE-2021-21948

A heap-based buffer overflow vulnerability exists in the readDatHeadVec functionality of AnyCubic Chitubox AnyCubic Plugin 1.0.0. A specially-crafted GF file can lead to a heap buffer overflow. An att ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：79 | 回复：0
CVE漏洞

CVE-2021-21947

Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overf ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：48 | 回复：0
CVE漏洞

CVE-2021-21946

Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overf ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-21945

Two heap-based buffer overflow vulnerabilities exist in the TIFF parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-21944

Two heap-based buffer overflow vulnerabilities exist in the TIFF parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-21943

A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-21942

An out-of-bounds write vulnerability exists in the TIFF YCbCr image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to remote code execution. An attacker can provid ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-21939

A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-21938

A heap-based buffer overflow vulnerability exists in the Palette box parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a ma ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-21914

A heap-based buffer overflow vulnerability exists in the DecoderStream::Append functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：23 | 回复：0
CVE漏洞

CVE-2022-22391

IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain information from non sensitive operating system files that they should not have access to. IBM X-Force ID: ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：24 | 回复：0
CVE漏洞

CVE-2022-27817

SWHKD 1.1.5 consumes the keyboard events of unintended users. This could potentially cause an information leak, but is usually a denial of functionality.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：33 | 回复：0
CVE漏洞

CVE-2022-27814

SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：49 | 回复：0
CVE漏洞

CVE-2022-25166

An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters (such as auth-user-pass). When ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：68 | 回复：0
CVE漏洞

CVE-2022-25165

An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the validation of VPN configuration files. This allows parameters outside of the AWS VPN Client allow list ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：74 | 回复：0
CVE漏洞

CVE-2022-22198

An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). Continued receipt of t ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：60 | 回复：0
CVE漏洞

CVE-2022-22197

An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based atta ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：48 | 回复：0
CVE漏洞

CVE-2022-22196

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacke ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：46 | 回复：0
CVE漏洞

CVE-2022-22195

An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causi ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：37 | 回复：0
CVE漏洞

CVE-2022-22194

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packetIO daemon of Juniper Networks Junos OS Evolved on PTX10003, PTX10004, and PTX10008 allows an unauthenticated, network ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：28 | 回复：0
CVE漏洞

CVE-2022-22193

An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privi ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：46 | 回复：0
CVE漏洞

CVE-2022-22191

A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in Juniper Networks Junos OS on the EX4300 switch, sent from the local broadcast domain, may allow an unaut ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：58 | 回复：0
CVE漏洞

CVE-2022-22190

An Improper Access Control vulnerability in the Juniper Networks Paragon Active Assurance Control Center allows an unauthenticated attacker to leverage a crafted URL to generate PDF reports, potential ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：68 | 回复：0
CVE漏洞

CVE-2022-22189

An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration (CSO) allows a locally authenticated user to have their permissions elevated without authentication t ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：58 | 回复：0
CVE漏洞

CVE-2022-22188

An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attack ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：88 | 回复：0
CVE漏洞

CVE-2022-22187

An Improper Privilege Management vulnerability in the Windows Installer framework used in the Juniper Networks Juniper Identity Management Service (JIMS) allows an unprivileged user to trigger a repai ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：80 | 回复：0
CVE漏洞

CVE-2022-22186

Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices, packets received on the management interface (em0) but not destined to the device, may be improperly for ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：113 | 回复：0
CVE漏洞

CVE-2022-22185

A vulnerability in Juniper Networks Junos OS on SRX Series, allows a network-based unauthenticated attacker to cause a Denial of Service (DoS) by sending a specific fragmented packet to the device, re ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：107 | 回复：0
CVE漏洞

CVE-2022-22183

An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected rel ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：53 | 回复：0
CVE漏洞

CVE-2022-22182

A Cross-site Scripting (XSS) vulnerability in Juniper Networks Junos OS J-Web allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：36 | 回复：0
CVE漏洞

CVE-2022-22181

A reflected Cross-site Scripting (XSS) vulnerability in J-Web of Juniper Networks Junos OS allows a network-based authenticated attacker to run malicious scripts reflected off J-Web to the victim' ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：38 | 回复：0
CVE漏洞

CVE-2022-27008

nginx njs 0.7.2 is vulnerable to Buffer Overflow. Type confused in Array.prototype.concat() when a slow array appended element is fast array.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：35 | 回复：0
CVE漏洞

CVE-2022-27007

nginx njs 0.7.2 is affected suffers from Use-after-free in njs_function_frame_alloc() when it try to invoke from a restored frame saved with njs_function_frame_save().……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：53 | 回复：0
CVE漏洞

CVE-2022-1258

A blind SQL injection vulnerability in the ePolicy Orchestrator (ePO) extension of MA prior to 5.7.6 can be exploited by an authenticated administrator on ePO to perform arbitrary SQL queries in the b ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：32 | 回复：0
CVE漏洞

CVE-2022-1257

Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sen ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：29 | 回复：0
CVE漏洞

CVE-2022-1256

A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file action ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-45228

An XSS issue was discovered in COINS Construction Cloud 11.12. Due to insufficient neutralization of user input in the description of a task, it is possible to store malicious JavaScript code in the t ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-45227

An issue was discovered in COINS Construction Cloud 11.12. Due to an inappropriate use of HTML IFRAME elements, the file upload functionality is vulnerable to a persistent Cross-Site Scripting (XSS) a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:14 | 阅读：32 | 回复：0