漏洞 - 第225页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2022-23677

A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：23 | 回复：0
CVE漏洞

CVE-2022-23676

A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：21 | 回复：0
CVE漏洞

CVE-2022-0947

A vulnerability in ABB ARG600 Wireless Gateway series that could allow an attacker to exploit the vulnerability by remotely connecting to the serial port gateway, and/or protocol converter, depending ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-46771

Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-43010

In Safedog Apache v4.0.30255, attackers can bypass this product for SQL injection. Attackers can bypass access to sensitive data.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-26408

Insufficient validation of elliptic curve points in SEV-legacy firmware may compromise SEV-legacy guest migration potentially resulting in loss of guest's integrity or confidentiality.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-26390

A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-26370

Improper validation of destination address in SVC_LOAD_FW_IMAGE_BY_INSTANCE and SVC_LOAD_BINARY_BY_ATTRIB in a malicious UApp or ABL may allow an attacker to overwrite arbitrary bootloader memory with ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-26353

Due to a mishandled error, it is possible to leave the DRTM UApp in a partially initialized state, which can result in unchecked memory writes when the UApp handles subsequent mailbox commands.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-26352

Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-26332

Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could result in a potential loss of integrity or availability.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-26324

A bug with the SEV-ES TMR may lead to a potential loss of memory integrity for SNP-active VMs.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：66 | 回复：0
CVE漏洞

CVE-2022-22774

The DOM XML parser and SAX XML parser components of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center, TIBCO Managed File Transfer Command Center, TIBCO Managed File Transfer Intern ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：49 | 回复：0
CVE漏洞

CVE-2022-1649

Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of he ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：52 | 回复：0
CVE漏洞

CVE-2022-22454

IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：59 | 回复：0
CVE漏洞

CVE-2021-39024

IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intende ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：197 | 回复：0
CVE漏洞

CVE-2022-26988

TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MntAte` function. Local users could get remote code execution.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：80 | 回复：0
CVE漏洞

CVE-2022-26987

TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MmtAtePrase` function. Local users could get remote code execution.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：79 | 回复：0
CVE漏洞

CVE-2022-29329

D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：65 | 回复：0
CVE漏洞

CVE-2022-29328

D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a stack overflow via the function checkvalidupgrade.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：51 | 回复：0
CVE漏洞

CVE-2022-29327

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the urladd parameter in /goform/websURLFilterAddDel.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：57 | 回复：0
CVE漏洞

CVE-2022-29326

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addhostfilter parameter in /goform/websHostFilter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：67 | 回复：0
CVE漏洞

CVE-2022-29325

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addurlfilter parameter in /goform/websURLFilter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：53 | 回复：0
CVE漏洞

CVE-2022-29324

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the proto parameter in /goform/form2IPQoSTcAdd.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：74 | 回复：0
CVE漏洞

CVE-2022-29323

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the MAC parameter in /goform/editassignment.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：140 | 回复：0
CVE漏洞

CVE-2022-29322

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the IPADDR and nvmacaddr parameters in /goform/form2Dhcpip.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：73 | 回复：0
CVE漏洞

CVE-2022-29321

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the lanip parameter in /goform/setNetworkLan.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：76 | 回复：0
CVE漏洞

CVE-2022-28915

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a command injection vulnerability via the admuser and admpass parameters in /goform/setSysAdm.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：64 | 回复：0
CVE漏洞

CVE-2022-28913

TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUploadSetting.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：50 | 回复：0
CVE漏洞

CVE-2022-28912

TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：41 | 回复：0
CVE漏洞

CVE-2022-28911

TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/CloudACMunualUpdate.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：31 | 回复：0
CVE漏洞

CVE-2022-28910

TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：26 | 回复：0
CVE漏洞

CVE-2022-28909

TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：23 | 回复：0
CVE漏洞

CVE-2022-28908

TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：25 | 回复：0
CVE漏洞

CVE-2022-28907

TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：28 | 回复：0
CVE漏洞

CVE-2022-28906

TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：20 | 回复：0
CVE漏洞

CVE-2022-28905

TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：41 | 回复：0
CVE漏洞

CVE-2022-28901

A command injection vulnerability in the component /SetTriggerLEDBlink/Blink of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：39 | 回复：0
CVE漏洞

CVE-2022-28896

A command injection vulnerability in the component /setnetworksettings/SubnetMask of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：51 | 回复：0
CVE漏洞

CVE-2022-28895

A command injection vulnerability in the component /setnetworksettings/IPAddress of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：57 | 回复：0