漏洞 - 第176页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2022-26877

Asana Desktop before 1.6.0 allows remote attackers to exfiltrate local files if they can trick the Asana desktop app into loading a malicious web page.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：40 | 回复：0
CVE漏洞

CVE-2022-27883

A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation. Please note that an ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：39 | 回复：0
CVE漏洞

CVE-2022-26588

A Cross-Site Request Forgery (CSRF) in IceHrm 31.0.0.OS allows attackers to delete arbitrary users or achieve account takeover via the app/service.php URI.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：40 | 回复：0
CVE漏洞

CVE-2022-26180

qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/update URI.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：42 | 回复：0
CVE漏洞

CVE-2021-43149

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：45 | 回复：0
CVE漏洞

CVE-2022-26855

Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability, leading to a denial of serv ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：33 | 回复：0
CVE漏洞

CVE-2022-26854

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system acces ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：54 | 回复：0
CVE漏洞

CVE-2022-26852

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：33 | 回复：0
CVE漏洞

CVE-2022-26851

Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：37 | 回复：0
CVE漏洞

CVE-2022-24820

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A guest user without the right to view pages of the wiki can still list documents by rendering ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：36 | 回复：0
CVE漏洞

CVE-2022-24819

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A guest user without the right to view pages of the wiki can still list documents related to us ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：47 | 回复：0
CVE漏洞

CVE-2022-24428

Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain an improper preservation of privileges. A remote filesystem user with a local account could potentially ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：49 | 回复：0
CVE漏洞

CVE-2022-22563

Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. A high-privileged user can exploit this vulnerability to not record information identifying the source ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：49 | 回复：0
CVE漏洞

CVE-2021-43009

A Cross Site Scripting (XSS) vulnerability exists in OpServices OpMon through 9.11 via the search parameter in the request URL.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：67 | 回复：0
CVE漏洞

CVE-2021-36293

Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain elevated privileges.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：91 | 回复：0
CVE漏洞

CVE-2021-36290

Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability. A local malicious admin may potentially exploit vulnerability and gain privileges.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：71 | 回复：0
CVE漏洞

CVE-2021-36288

Dell VNX2 for File version 8.1.21.266 and earlier, contain a path traversal vulnerability which may lead unauthenticated users to read/write restricted files……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：79 | 回复：0
CVE漏洞

CVE-2021-36287

Dell VNX2 for file version 8.1.21.266 and earlier, contain an unauthenticated remote code execution vulnerability which may lead unauthenticated users to execute commands on the system.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：73 | 回复：0
CVE漏洞

CVE-2022-24821

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Simple users can create global SSX/JSX without specific rights: in theory only users with Progr ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：79 | 回复：0
CVE漏洞

CVE-2022-1284

heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：98 | 回复：0
CVE漏洞

CVE-2021-43498

An Access Control vulnerability exists in ATutor 2.2.4 in password_reminder.php when the g, id, h, form_password_hidden, and form_change HTTP POST parameters are set.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：86 | 回复：0
CVE漏洞

CVE-2022-27152

Roku devices running RokuOS v9.4.0 build 4200 or earlier that uses a Realtek WiFi chip is vulnerable to Arbitrary file modification.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：95 | 回复：0
CVE漏洞

CVE-2022-1283

NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：106 | 回复：0
CVE漏洞

CVE-2021-43503

A Remote Code Execution (RCE) vulnerability exists in h laravel 5.8.38 via an unserialize pop chain in (1) __destruct in \Routing\PendingResourceRegistration.php, (2) __cal in Queue\Capsule\Manager.ph ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：131 | 回复：0
CVE漏洞

CVE-2021-43517

FOSCAM Camera FI9805E with firmware V4.02.R12.00018510.10012.143900.00000 contains a backdoor that opens Telnet port when special command is sent on port 9530.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：301 | 回复：0
CVE漏洞

CVE-2021-43515

CSV Injection (aka Excel Macro Injection or Formula Injection) exists in creating new timesheet in Kimai. By filling the Description field with malicious payload, it will be mistreated while exporting ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：152 | 回复：0
CVE漏洞

CVE-2022-27148

GPAC mp4box 1.1.0-DEV-rev1663-g881c6a94a-master is vulnerable to Integer Overflow.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：150 | 回复：0
CVE漏洞

CVE-2022-27147

GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a use-after-free vulnerability in function gf_node_get_attribute_by_tag.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：77 | 回复：0
CVE漏洞

CVE-2022-27146

GPAC mp4box 1.1.0-DEV-rev1759-geb2d1e6dd-has a heap-buffer-overflow vulnerability in function gf_isom_apple_enum_tag.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：69 | 回复：0
CVE漏洞

CVE-2022-27145

GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：61 | 回复：0
CVE漏洞

CVE-2022-27047

mogu_blog_cms 5.2 suffers from upload arbitrary files without any limitation.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：67 | 回复：0
CVE漏洞

CVE-2022-22339

IBM Planning Analytics 2.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network e ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：60 | 回复：0
CVE漏洞

CVE-2021-43521

A Buffer Overflow vulnerability exists in zlog 1.2.15 via zlog_conf_build_with_file in src/zlog/src/conf.c.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：52 | 回复：0
CVE漏洞

CVE-2021-43483

An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration, which could allow a malicious user to read or update the configuraiton without authentication.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：56 | 回复：0
CVE漏洞

CVE-2021-40656

libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：51 | 回复：0
CVE漏洞

CVE-2020-4668

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3, and 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute maliciou ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：49 | 回复：0
CVE漏洞

CVE-2022-27046

libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in libsixel/src/dither.c:388.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：47 | 回复：0
CVE漏洞

CVE-2022-27044

libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：42 | 回复：0
CVE漏洞

CVE-2021-41715

libsixel 1.10.0 is vulnerable to Use after free in libsixel/src/dither.c:379.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：49 | 回复：0
CVE漏洞

CVE-2022-24229

A cross-site scripting (XSS) vulnerability in ONLYOFFICE Document Server Example before v7.0.0 allows remote attackers inject arbitrary HTML or JavaScript through /example/editor.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:12 | 阅读：54 | 回复：0