漏洞 - 第243页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2022-1603

The Mail Subscribe List WordPress plugin before 2.1.4 does not have CSRF check in place when deleting subscribed users, which could allow attackers to make a logged in admin perform such action and de ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：77 | 回复：0
CVE漏洞

CVE-2022-1472

The Better Find and Replace WordPress plugin before 1.3.6 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：64 | 回复：0
CVE漏洞

CVE-2022-1266

The Post Grid, Slider Carousel Ultimate WordPress plugin before 1.5.0 does not sanitise and escape the Header Title, which could allow high privilege users to perform Cross-Site Scripting attacks eve ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：79 | 回复：0
CVE漏洞

CVE-2022-0663

The Print, PDF, Email by PrintFriendly WordPress plugin before 5.2.3 does not sanitise and escape the Custom Button Text settings, which could allow high privilege users such as admin to perform cross ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：59 | 回复：0
CVE漏洞

CVE-2021-25121

The Rating by BestWebSoft WordPress plugin through 1.5 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service on the post/page when a user submit such ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：55 | 回复：0
CVE漏洞

CVE-2021-25104

The Ocean Extra WordPress plugin before 1.9.5 does not escape generated links which are then used when the OceanWP is active, leading to a Reflected Cross-Site Scripting issue……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：77 | 回复：0
CVE漏洞

CVE-2021-25088

The XML Sitemaps WordPress plugin before 4.1.3 does not sanitise and escape a settings before outputting it in the Debug page, which could allow high privilege users to perform Cross-Site Scripting at ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：49 | 回复：0
CVE漏洞

CVE-2022-31734

** Unsupported When Assigned ** Cisco Catalyst 2940 Series Switches provided by Cisco Systems, Inc. contain a reflected cross-site scripting vulnerability regarding error page generation. An arbitrary ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：60 | 回复：0
CVE漏洞

CVE-2022-2130

Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.17.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：45 | 回复：0
CVE漏洞

CVE-2022-26669

ASUS Control Center is vulnerable to SQL injection. An authenticated remote attacker with general user privilege can inject SQL command to specific API parameters to acquire database schema or access ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：77 | 回复：0
CVE漏洞

CVE-2022-26668

ASUS Control Center API has a broken access control vulnerability. An unauthenticated remote attacker can call privileged API functions to perform partial system operations or cause partial disrupt of ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：74 | 回复：0
CVE漏洞

CVE-2022-21742

Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：85 | 回复：0
CVE漏洞

CVE-2021-45918

NHI’s health insurance web service component has insufficient validation for input string length, which can result in heap-based buffer overflow attack. A remote attacker can exploit this vulnerabili ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：163 | 回复：0
CVE漏洞

CVE-2017-20064

A vulnerability was found in Elefant CMS 1.3.12-RC. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /designer/add/layout. The manipulation lead ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：375 | 回复：0
CVE漏洞

CVE-2017-20063

A vulnerability was found in Elefant CMS 1.3.12-RC. It has been classified as critical. Affected is an unknown function of the file /filemanager/upload/drop of the component File Upload. The manipulat ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：134 | 回复：0
CVE漏洞

CVE-2017-20062

A vulnerability was found in Elefant CMS 1.3.12-RC and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：66 | 回复：0
CVE漏洞

CVE-2017-20061

A vulnerability has been found in Elefant CMS 1.3.12-RC and classified as problematic. This vulnerability affects unknown code of the file /admin/extended. The manipulation of the argument name with t ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：61 | 回复：0
CVE漏洞

CVE-2017-20060

A vulnerability, which was classified as problematic, was found in Elefant CMS 1.3.12-RC. This affects an unknown part of the component Blog Post Handler. The manipulation leads to basic cross site sc ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：67 | 回复：0
CVE漏洞

CVE-2017-20059

A vulnerability, which was classified as problematic, has been found in Elefant CMS 1.3.12-RC. Affected by this issue is some unknown functionality of the component Title Handler. The manipulation wit ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：54 | 回复：0
CVE漏洞

CVE-2017-20058

A vulnerability classified as problematic was found in Elefant CMS 1.3.12-RC. Affected by this vulnerability is an unknown functionality of the component Version Comparison. The manipulation leads to ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：63 | 回复：0
CVE漏洞

CVE-2017-20057

A vulnerability classified as problematic has been found in Elefant CMS 1.3.12-RC. Affected is an unknown function. The manipulation of the argument username leads to basic cross site scripting (Persi ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：71 | 回复：0
CVE漏洞

CVE-2022-2023

Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：79 | 回复：0
CVE漏洞

CVE-2022-1836

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-33981. Reason: This candidate is a reservation duplicate of CVE-2022-33981. Notes: All CVE users should reference CVE-2022-33981 ins ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：112 | 回复：0
CVE漏洞

CVE-2022-34006

An issue was discovered in TitanFTP (aka Titan FTP) NextGen before 1.2.1050. When installing, Microsoft SQL Express 2019 installs by default with an SQL instance running as SYSTEM with BUILTIN\Users a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：92 | 回复：0
CVE漏洞

CVE-2022-34005

An issue was discovered in TitanFTP (aka Titan FTP) NextGen before 1.2.1050. There is Remote Code Execution due to a hardcoded password for the sa account on the Microsoft SQL Express 2019 instance in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：82 | 回复：0
CVE漏洞

CVE-2022-34000

libjxl 0.6.1 has an assertion failure in LowMemoryRenderPipeline::Init() in render_pipeline/low_memory_render_pipeline.cc.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：57 | 回复：0
CVE漏洞

CVE-2022-2129

Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：44 | 回复：0
CVE漏洞

CVE-2022-2126

Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：33 | 回复：0
CVE漏洞

CVE-2022-2125

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：30 | 回复：0
CVE漏洞

CVE-2022-23071

In Recipes, versions 0.9.1 through 1.2.5 are vulnerable to Server Side Request Forgery (SSRF), in the “Import Recipe” functionality. When an attacker enters the localhost URL, a low privileged attac ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：47 | 回复：0
CVE漏洞

CVE-2022-2124

Buffer Over-read in GitHub repository vim/vim prior to 8.2.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：29 | 回复：0
CVE漏洞

CVE-2014-125025

A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function decode_pulses. The manipulation leads to memory corruption. It is possible to initiate the attack remo ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：33 | 回复：0
CVE漏洞

CVE-2014-125024

A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：30 | 回复：0
CVE漏洞

CVE-2014-125023

A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function truemotion1_decode_header of the component Truemotion1 Handler. The manipul ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：20 | 回复：0
CVE漏洞

CVE-2014-125022

A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function shorten_decode_frame of the component Bitstream Buffer. The manipulation leads to memory corrup ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：21 | 回复：0
CVE漏洞

CVE-2014-125021

A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function cmv_process_header. The manipulation leads to memory corruption. The attack may be initiated remo ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：21 | 回复：0
CVE漏洞

CVE-2014-125020

A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack c ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：20 | 回复：0
CVE漏洞

CVE-2014-125019

A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_nal_unit of the component Slice Segment Handler. The manipulation leads to memory corrup ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：17 | 回复：0
CVE漏洞

CVE-2014-125018

A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function decode_slice_header. The manipulation leads to memory corruption. The attack ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：14 | 回复：0
CVE漏洞

CVE-2022-33987

The got package before 12.1.0 for Node.js allows a redirect to a UNIX socket.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：18 | 回复：0