
Vulnerabilities

Subcategories:

  • CVE-2022-30966
    Jenkins Random String Parameter Plugin 1.0 and earlier does not escape the name and description of Random String parameters on views displaying parameters, resulting in a stored cross-site scripting ( ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 15 | Replies: 0
  • CVE-2022-30965
    Jenkins Promoted Builds (Simple) Plugin 1.9 and earlier does not escape the name and description of Promotion Level parameters on views displaying parameters, resulting in a stored cross-site scriptin ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 15 | Replies: 0
  • CVE-2022-30964
    Jenkins Multiselect parameter Plugin 1.3 and earlier does not escape the name and description of Multiselect parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 15 | Replies: 0
  • CVE-2022-30963
    Jenkins JDK Parameter Plugin 1.0 and earlier does not escape the name and description of JDK parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability e ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 15 | Replies: 0
  • CVE-2022-30962
    Jenkins Global Variable String Parameter Plugin 1.2 and earlier does not escape the name and description of Global Variable String parameters on views displaying parameters, resulting in a stored cros ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 14 | Replies: 0
  • CVE-2022-30961
    Jenkins Autocomplete Parameter Plugin 1.1 and earlier does not escape the name of Dropdown Autocomplete and Auto Complete String parameters on views displaying parameters, resulting in a stored cross- ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 15 | Replies: 0
  • CVE-2022-30960
    Jenkins Application Detector Plugin 1.0.8 and earlier does not escape the name of Chois Application Version parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 16 | Replies: 0
  • CVE-2022-30959
    A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 15 | Replies: 0
  • CVE-2022-30958
    A cross-site request forgery (CSRF) vulnerability in Jenkins SSH Plugin 2.6.1 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtai ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 16 | Replies: 0
  • CVE-2022-30957
    A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 17 | Replies: 0
  • CVE-2022-30956
    Jenkins Rundeck Plugin 3.6.10 and earlier does not restrict URL schemes in Rundeck webhook submissions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 20 | Replies: 0
  • CVE-2022-30955
    Jenkins GitLab Plugin 1.5.31 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 19 | Replies: 0
  • CVE-2022-30954
    Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP ser ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 31 | Replies: 0
  • CVE-2022-30953
    A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 26 | Replies: 0
  • CVE-2022-30952
    Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user creden ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 28 | Replies: 0
  • CVE-2022-30951
    Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library, which does not implement access control, potentially allowing users to start processes even if they're not a ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 23 | Replies: 0
  • CVE-2022-30950
    Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library which has a buffer overflow vulnerability that may allow users able to connect to a named pipe to execute ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 21 | Replies: 0
  • CVE-2022-30949
    Jenkins REPO Plugin 1.14.0 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs, ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 18 | Replies: 0
  • CVE-2022-30948
    Jenkins Mercurial Plugin 2.16 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM UR ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 15 | Replies: 0
  • CVE-2022-30947
    Jenkins Git Plugin 4.11.1 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs, ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 15 | Replies: 0
  • CVE-2022-30946
    A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified web ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 14 | Replies: 0
  • CVE-2022-30945
    Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 13 | Replies: 0
  • CVE-2022-30110
    The file preview functionality in Jirafeau 4.4.0, which is enabled by default, could be exploited for cross site scripting. An attacker could upload image/svg+xml files containing JavaScript. When so ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 14 | Replies: 0
  • CVE-2022-29332
    D-LINK DIR-825 AC1200 R2 is vulnerable to Directory Traversal. An attacker could use the ../../../../ setting of the FTP server folder to set the router's root folder for FTP access. This allows y ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 15 | Replies: 0
  • CVE-2022-1711
    Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.5.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 14 | Replies: 0
  • CVE-2021-42644
    cmseasy V7.7.5_20211012 is affected by an arbitrary file read vulnerability. After login, the configuration file information of the website such as the database configuration file (config / config_dat ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 18 | Replies: 0
  • CVE-2021-42643
    cmseasy V7.7.5_20211012 is affected by an arbitrary file write vulnerability. Through this vulnerability, a PHP script file is written to the website server, and accessing this file can lead to a code ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 32 | Replies: 0
  • CVE-2021-42943
    Stored cross-site scripting (XSS) in admin/usermanager.php over IPPlan v4.92b allows remote attackers to inject arbitrary web script or HTML via the userid parameter.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 18 | Replies: 0
  • CVE-2022-1723
    Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.6.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 10 | Replies: 0
  • CVE-2022-26650
    In Apache ShenYu, ShenYu-Bootstrap, RegexPredicateJudge.java uses Pattern.matches(conditionData.getParamValue(), realData) to make judgments, where both parameters are controllable by the user. This ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 12 | Replies: 0
  • CVE-2013-10001
    A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 12 | Replies: 0
  • CVE-2022-1753
    A vulnerability, which was classified as critical, was found in WoWonder. Affected is the file /requests.php which is responsible to handle group messages. The manipulation of the argument group_id al ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 11 | Replies: 0
  • CVE-2022-23670
    A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 11 | Replies: 0
  • CVE-2022-23668
    A remote authenticated server-side request forgery (ssrf) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and b ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 10 | Replies: 0
  • CVE-2022-23667
    An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has r ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 12 | Replies: 0
  • CVE-2022-1587
    An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 12 | Replies: 0
  • CVE-2022-1586
    An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue i ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 12 | Replies: 0
  • CVE-2022-23666
    An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has r ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 11 | Replies: 0
  • CVE-2022-23665
    An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has r ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 11 | Replies: 0
  • CVE-2022-23664
    An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has r ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:36 | Views: 11 | Replies: 0
