
Vulnerabilities


Subcategories:

  • CVE-2022-29611
    SAP NetWeaver Application Server for ABAP and ABAP Platform do not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 27 | Replies: 0
  • CVE-2022-29610
    SAP NetWeaver Application Server ABAP allows an authenticated attacker to upload malicious files and delete (theme) data, which could result in Stored Cross-Site Scripting (XSS) attack.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 40 | Replies: 0
  • CVE-2022-28774
    Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be restricted.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 28 | Replies: 0
  • CVE-2022-28214
    During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) - versions 420, 430, authentication credentials are being exposed in Sysmon event logs. This Information Disclosure ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 31 | Replies: 0
  • CVE-2022-27656
    The Web administration UI of SAP Web Dispatcher and the Internet Communication Manager (ICM) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 32 | Replies: 0
  • CVE-2022-1623
    LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sour ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 29 | Replies: 0
  • CVE-2022-1622
    LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sour ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 32 | Replies: 0
  • CVE-2022-1545
    It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE affecting all versions from 13.2 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1 if an u ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 31 | Replies: 0
  • CVE-2022-1510
    An issue has been discovered in GitLab affecting all versions starting from 13.9 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab w ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 32 | Replies: 0
  • CVE-2022-1460
    An issue has been discovered in GitLab affecting all versions starting from 9.2 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab wa ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 35 | Replies: 0
  • CVE-2022-1433
    An issue has been discovered in GitLab affecting all versions starting from 14.4 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. Missing ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 41 | Replies: 0
  • CVE-2022-1428
    An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was incorrectly veri ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 32 | Replies: 0
  • CVE-2022-1426
    An issue has been discovered in GitLab affecting all versions starting from 12.6 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab w ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 39 | Replies: 0
  • CVE-2022-1406
    Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a Developer to read protected Group or Project ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 34 | Replies: 0
  • CVE-2022-1352
    Due to an insecure direct object reference vulnerability in Gitlab EE/CE affecting all versions from 11.0 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1, an endpoint may reveal the ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 36 | Replies: 0
  • CVE-2022-1124
    An improper authorization issue has been discovered in GitLab CE/EE affecting all versions prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0, allowing Guest project members to acc ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 33 | Replies: 0
  • CVE-2021-44167
    An incorrect permission assignment for critical resource vulnerability in FortiClient for Linux version 6.0.8 and below, 6.2.9 and below, 6.4.7 and below, 7.0.2 and below may allow an unauthenticated ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 40 | Replies: 0
  • CVE-2021-43081
    An improper neutralization of input during web page generation vulnerability in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 an ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 38 | Replies: 0
  • CVE-2021-42651
    A Server Side Template Injection (SSTI) vulnerability in Pentest-Collaboration-Framework v1.0.8 allows an authenticated remote attacker to execute arbitrary code through /project/PROJECTNAME/reports/.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 49 | Replies: 0
  • CVE-2021-37851
    Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. This issue aff ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 54 | Replies: 0
  • CVE-2021-34606
    A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can allow an authenticated, local attacker to load a malicious DLL. Local access is required to successfully ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 44 | Replies: 0
  • CVE-2021-34605
    A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vuln ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 48 | Replies: 0
  • CVE-2022-29978
    There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a c ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 56 | Replies: 0
  • CVE-2022-29977
    There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a craft ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 68 | Replies: 0
  • CVE-2022-29932
    The HTTP Server in PRIMEUR SPAZIO 2.5.1.954 (File Transfer) allows an unauthenticated attacker to obtain sensitive data (related to the content of transferred files) via a crafted HTTP request.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 62 | Replies: 0
  • CVE-2022-29009
    Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 75 | Replies: 0
  • CVE-2022-29008
    An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 78 | Replies: 0
  • CVE-2022-29007
    Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allows attackers to bypass authentication.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 106 | Replies: 0
  • CVE-2022-29006
    Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allows attackers to bypass authentication.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 150 | Replies: 0
  • CVE-2022-28078
    Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET parameter.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 132 | Replies: 0
  • CVE-2022-28077
    Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET parameter.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 90 | Replies: 0
  • CVE-2022-29976
    An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 85 | Replies: 0
  • CVE-2022-29975
    An Authenticated Reflected Cross-site scripting at CC Parameter was discovered in MDaemon before 22.0.0.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 90 | Replies: 0
  • CVE-2022-29728
    Survey Sparrow Enterprise Survey Software 2022 has a Reflected cross-site scripting (XSS) vulnerability in the test parameter.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 128 | Replies: 0
  • CVE-2022-29727
    Survey Sparrow Enterprise Survey Software 2022 has a Stored cross-site scripting (XSS) vulnerability in the Signup parameter.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 227 | Replies: 0
  • CVE-2022-29656
    Wedding Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Wedding-Management/package_detail.php.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 138 | Replies: 0
  • CVE-2022-29655
    An arbitrary file upload vulnerability in the Upload Photos module of Wedding Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 104 | Replies: 0
  • CVE-2022-29318
    An arbitrary file upload vulnerability in the New Entry module of Car Rental Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 82 | Replies: 0
  • CVE-2022-29317
    Simple Bus Ticket Booking System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters at /assets/partials/_handleLogin.php.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 56 | Replies: 0
  • CVE-2022-29316
    Complete Online Job Search System v1.0 was discovered to contain a SQL injection vulnerability via /eris/index.php?q=resultsearchfor=advancesearch.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:34 | Views: 57 | Replies: 0
