• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2022-28271
    CVE漏洞
    CVE-2022-28271
    Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. E ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:60 | 回复:0
  • CVE-2022-28270
    CVE漏洞
    CVE-2022-28270
    Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:77 | 回复:0
  • CVE-2022-27909
    CVE漏洞
    CVE-2022-27909
    In Joomla component 'jDownloads 3.9.8.2 Stable' the remote user can change some parameters in the address bar and see the names of other users' files……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:103 | 回复:0
  • CVE-2022-27784
    CVE漏洞
    CVE-2022-27784
    Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:84 | 回复:0
  • CVE-2022-27783
    CVE漏洞
    CVE-2022-27783
    Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:89 | 回复:0
  • CVE-2022-24105
    CVE漏洞
    CVE-2022-24105
    Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current u ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:100 | 回复:0
  • CVE-2022-24099
    CVE漏洞
    CVE-2022-24099
    Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:158 | 回复:0
  • CVE-2022-24098
    CVE漏洞
    CVE-2022-24098
    Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by an improper input validation vulnerability when parsing a PCX file that could result in arbitrary code execution i ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:74 | 回复:0
  • CVE-2022-23802
    CVE漏洞
    CVE-2022-23802
    Joomla Guru extension 5.2.5 is affected by: Insecure Permissions. The impact is: obtain sensitive information (remote). The component is: Access to private information and components, possibility to v ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:48 | 回复:0
  • CVE-2022-23205
    CVE漏洞
    CVE-2022-23205
    Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current u ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:40 | 回复:0
  • CVE-2021-27767
    CVE漏洞
    CVE-2021-27767
    The BigFix Console installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability wa ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:41 | 回复:0
  • CVE-2021-27766
    CVE漏洞
    CVE-2021-27766
    The BigFix Client installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:34 | 回复:0
  • CVE-2021-27765
    CVE漏洞
    CVE-2021-27765
    The BigFix Server API installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:32 | 回复:0
  • CVE-2021-27764
    CVE漏洞
    CVE-2021-27764
    Cookie without HTTPONLY flag set. NUMBER cookie(s) was set without Secure or HTTPOnly flags. The images show the cookie with the missing flag. (WebUI)……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:23 | 回复:0
  • CVE-2021-27762
    CVE漏洞
    CVE-2021-27762
    Misconfigured security-related HTTP headers: Several security-related headers were missing or mis-configured on the web responses……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:29 | 回复:0
  • CVE-2021-27761
    CVE漏洞
    CVE-2021-27761
    Weak web transport security (Weak TLS): An attacker may be able to decrypt the data using attacks……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:23 | 回复:0
  • CVE-2021-27760
    CVE漏洞
    CVE-2021-27760
    An issue was discovered in the Sametime chat feature in the Notes 11.0 - 11.0.1 FP4 clients. An authenticated Sametime chat user could cause Remote Code Execution on another chat client by sending a s ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:24 | 回复:0
  • CVE-2021-27759
    CVE漏洞
    CVE-2021-27759
    This vulnerability arises because the application allows the user to perform some sensitive action without verifying that the request was sent intentionally. An attacker can cause a victim's brows ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:25 | 回复:0
  • CVE-2021-27758
    CVE漏洞
    CVE-2021-27758
    There is a security vulnerability in login form related to Cross-site Request Forgery which prevents user to login after attacker spam to login and system blocked victim's account.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:20 | 回复:0
  • CVE-2021-27751
    CVE漏洞
    CVE-2021-27751
    HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circumstances, parts of the application are still accessible.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:28 | 回复:0
  • CVE-2019-12254
    CVE漏洞
    CVE-2019-12254
    In multiple Tecson Tankspion and GOKs SmartBox 4 products the affected application doesn't properly restrict access to an endpoint that is responsible for saving settings, to a unauthenticated use ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:15 | 回复:0
  • CVE-2022-29421
    CVE漏洞
    CVE-2022-29421
    Reflected Cross-Site Scripting (XSS) vulnerability in Adam Skaat's Countdown Clock plugin on WordPress via ycd_type vulnerable parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:18 | 回复:0
  • CVE-2022-29420
    CVE漏洞
    CVE-2022-29420
    Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Adam Skaat's Countdown Clock plugin = 2.3.2 at WordPress via ycd-circle-countdown-before-countdown and ycd-circle-countdo ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:19 | 回复:0
  • CVE-2022-28545
    CVE漏洞
    CVE-2022-28545
    FUDforum 3.1.1 is vulnerable to Stored XSS.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:18 | 回复:0
  • CVE-2022-28507
    CVE漏洞
    CVE-2022-28507
    Dragon Path Technologies Bharti Airtel Routers Hardware BDT-121 version 1.0 is vulnerable to Cross Site Scripting (XSS) via Dragon path router admin page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:19 | 回复:0
  • CVE-2022-28165
    CVE漏洞
    CVE-2022-28165
    A vulnerability in the role-based access control (RBAC) functionality of the Brocade SANNav before 2.2.0 could allow an authenticated, remote attacker to access resources that they should not be able ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:15 | 回复:0
  • CVE-2022-27183
    CVE漏洞
    CVE-2022-27183
    The Monitoring Console app configured in Distributed mode allows for a Reflected XSS in a query parameter in Splunk Enterprise versions before 8.1.4. The Monitoring Console app is a bundled app includ ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:18 | 回复:0
  • CVE-2022-26889
    CVE漏洞
    CVE-2022-26889
    In Splunk Enterprise versions before 8.1.2, the uri path to load a relative resource within a web page is vulnerable to path traversal. It allows an attacker to potentially inject arbitrary content in ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:16 | 回复:0
  • CVE-2022-26070
    CVE漏洞
    CVE-2022-26070
    When handling a mismatched pre-authentication cookie, the application leaks the internal error message in the response, which contains the Splunk Enterprise local system path. The vulnerability impact ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:18 | 回复:0
  • CVE-2022-1053
    CVE漏洞
    CVE-2022-1053
    Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. This allows ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:21 | 回复:0
  • CVE-2021-42743
    CVE漏洞
    CVE-2021-42743
    A misconfiguration in the node default path allows for local privilege escalation from a lower privileged user to the Splunk user in Splunk Enterprise versions before 8.1.1 on Windows.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:20 | 回复:0
  • CVE-2021-36912
    CVE漏洞
    CVE-2021-36912
    Stored Cross-Site Scripting (XSS) vulnerability in Andrea Pernici News Sitemap for Google plugin = 1.0.16 on WordPress, attackers must have contributor or higher user role.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:18 | 回复:0
  • CVE-2021-33845
    CVE漏洞
    CVE-2021-33845
    The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message. The potential vulnerability impacts Splunk Enterprise instances before 8.1.7 when configured to repress ve ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:20 | 回复:0
  • CVE-2021-31559
    CVE漏洞
    CVE-2021-31559
    A crafted request bypasses S2S TCP Token authentication writing arbitrary events to an index in Splunk Enterprise Indexer 8.1 versions before 8.1.5 and 8.2 versions before 8.2.1. The vulnerability imp ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:20 | 回复:0
  • CVE-2021-26253
    CVE漏洞
    CVE-2021-26253
    A potential vulnerability in Splunk Enterprise's implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:21 | 回复:0
  • CVE-2022-28164
    CVE漏洞
    CVE-2022-28164
    Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm for the storage of passwords. This could allow an authenticated attacker to decrypt stored account passw ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:21 | 回复:0
  • CVE-2022-28163
    CVE漏洞
    CVE-2022-28163
    In Brocade SANnav before Brocade SANnav 2.2.0, multiple endpoints associated with Zone management are susceptible to SQL injection, allowing an attacker to run arbitrary SQL commands.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:22 | 回复:0
  • CVE-2022-21934
    CVE漏洞
    CVE-2022-21934
    Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:26 | 回复:0
  • CVE-2021-39027
    CVE漏洞
    CVE-2021-39027
    IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. A ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:22 | 回复:0
  • CVE-2021-39023
    CVE漏洞
    CVE-2021-39023
    IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information co ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:33 | 阅读:18 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap