漏洞 - 第245页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2022-22485

In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14.000 does not cause the administrator's invalid sign-on count to be incremented on ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：159 | 回复：0
CVE漏洞

CVE-2022-31357

Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/inventory/index.php?view=editid=.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：81 | 回复：0
CVE漏洞

CVE-2022-31356

Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/store/index.php?view=editid=.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：54 | 回复：0
CVE漏洞

CVE-2022-31355

Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/index.php?q=categorysearch=.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：51 | 回复：0
CVE漏洞

CVE-2022-31246

paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request (e.g., within QR code data). On Windows, this can lead to capture of credentials over SMB. On Li ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：59 | 回复：0
CVE漏洞

CVE-2021-40903

A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside a settings file in flask server. Settings file has a predefined secret string, which would be randomly ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：45 | 回复：0
CVE漏洞

CVE-2022-33915

Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch pack ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：32 | 回复：0
CVE漏洞

CVE-2022-33912

A permission issue affects users that deployed the shipped version of the Checkmk Debian package. Packages created by the agent bakery (enterprise editions only) were not affected. Using the shipped v ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：38 | 回复：0
CVE漏洞

CVE-2022-32276

** DISPUTED ** Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：37 | 回复：0
CVE漏洞

CVE-2022-31784

A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker (that has network access to the ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：35 | 回复：0
CVE漏洞

CVE-2022-31296

Online Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/view_post.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：28 | 回复：0
CVE漏洞

CVE-2022-2113

Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.7.2.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：26 | 回复：0
CVE漏洞

CVE-2022-2112

Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：27 | 回复：0
CVE漏洞

CVE-2022-2111

Unrestricted Upload of File with Dangerous Type in GitHub repository inventree/inventree prior to 0.7.2.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-45026

ASG technologies ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cross Site Scripting (XSS).……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-45025

ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cleartext Storage of Sensitive Information in a Cookie.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:07 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-45024

ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to XML External Entity (XXE).……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-41490

Memory leaks in LazyPRM.cpp of OMPL v1.5.0 can cause unexpected behavior.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-41408

VoIPmonitor WEB GUI up to version 24.61 is affected by SQL injection through the api.php file and user parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-36549

A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the lo ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：24 | 回复：0
CVE漏洞

CVE-2020-36548

A vulnerability classified as problematic has been found in GE Voluson S8. Affected is the file /uscgi-bin/users.cgi of the Service Browser. The manipulation leads to improper authentication and eleva ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-36547

A vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the Service Browser which itroduces hard-coded credentials. Attacking locally is a requirement. It is reco ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：14 | 回复：0
CVE漏洞

CVE-2019-12359

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/ztliuyan_sendmail.php (when the attacker has admin authority) via the id parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：13 | 回复：0
CVE漏洞

CVE-2019-12358

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendsms.php (when the attacker has dls_print authority) via a dlid cookie.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：16 | 回复：0
CVE漏洞

CVE-2019-12357

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/deluser.php (when the attacker has admin authority) via the id parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：17 | 回复：0
CVE漏洞

CVE-2019-12356

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_download.php (when the attacker has dls_download authority) via the id parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：21 | 回复：0
CVE漏洞

CVE-2019-12355

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_print.php (when the attacker has dls_print authority) via the id parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：16 | 回复：0
CVE漏洞

CVE-2019-12354

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/showbad.php (when the attacker has admin authority) via the id parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：12 | 回复：0
CVE漏洞

CVE-2019-12353

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/dl_sendmail.php (when the attacker has admin authority) via the id parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：10 | 回复：0
CVE漏洞

CVE-2019-12352

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendmail.php (when the attacker has dls_print authority) via a dlid cookie.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：10 | 回复：0
CVE漏洞

CVE-2018-25044

A vulnerability, which was classified as critical, has been found in uTorrent. This issue affects some unknown processing of the component Guest Account. The manipulation leads to privilege escalation ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：10 | 回复：0
CVE漏洞

CVE-2018-25043

A vulnerability classified as critical was found in uTorrent. This vulnerability affects unknown code of the component PRNG. The manipulation leads to weak authentication. The attack can be initiated ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：10 | 回复：0
CVE漏洞

CVE-2018-25042

A vulnerability classified as critical has been found in uTorrent. This affects an unknown part. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is reco ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：10 | 回复：0
CVE漏洞

CVE-2018-25041

A vulnerability was found in uTorrent. It has been rated as critical. Affected by this issue is some unknown functionality of the component JSON RPC Server. The manipulation leads to privilege escalat ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：9 | 回复：0
CVE漏洞

CVE-2018-25040

A vulnerability was found in uTorrent Web. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component HTTP RPC Server. The manipulation leads to priv ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：8 | 回复：0
CVE漏洞

CVE-2022-30329

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary she ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：7 | 回复：0
CVE漏洞

CVE-2022-30328

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The username and password setup for the web interface does not require entering the existing password. A malicious user can change ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：7 | 回复：0
CVE漏洞

CVE-2022-30327

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The web interface is vulnerable to CSRF. An attacker can change the pre-shared key of the Wi-Fi router if the interface's IP ad ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：6 | 回复：0
CVE漏洞

CVE-2022-30326

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The network pre-shared key field on the web interface is vulnerable to XSS. An attacker can use a simple XSS payload to crash the b ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：5 | 回复：0
CVE漏洞

CVE-2022-30325

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key for the Wi-Fi networks is the same for every router except for the last four digits. The device default ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：5 | 回复：0