漏洞 - 第246页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2022-33756

CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：5 | 回复：0
CVE漏洞

CVE-2022-33755

CA Automic Automation 12.2 and 12.3 contain an insecure input handling vulnerability in the Automic Agent that could allow a remote attacker to potentially enumerate users.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：5 | 回复：0
CVE漏洞

CVE-2022-33754

CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：5 | 回复：0
CVE漏洞

CVE-2022-33753

CA Automic Automation 12.2 and 12.3 contain an insecure file creation and handling vulnerability in the Automic agent that could allow a user to potentially elevate privileges.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：5 | 回复：0
CVE漏洞

CVE-2022-33752

CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：5 | 回复：0
CVE漏洞

CVE-2022-33751

CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could allow a remote attacker to potentially access sensitive data.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：6 | 回复：0
CVE漏洞

CVE-2022-33750

CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：7 | 回复：0
CVE漏洞

CVE-2022-33739

CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing vulnerability that could allow a remote attacker to potentially view the contents of any file on the system.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：7 | 回复：0
CVE漏洞

CVE-2022-31299

Haraj v3.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the User Upgrade Form.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：7 | 回复：0
CVE漏洞

CVE-2022-26173

JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via http://target_host:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：7 | 回复：0
CVE漏洞

CVE-2018-18907

An issue was discovered on D-Link DIR-850L 1.21WW devices. A partially completed WPA handshake is sufficient for obtaining full access to the wireless network. A client can access the network by sendi ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-46820

Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/categories.php……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-37764

Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/manufacturers.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-36609

Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /linkedcontent/editfolder.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-36608

Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /projects/editproject.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-33295

Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute aribrary code due to improper sanitizing of html.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：8 | 回复：0
CVE漏洞

CVE-2020-28865

An issue was discovered in PowerJob through 3.2.2, allows attackers to change arbitrary user passwords via the id parameter to /appinfo/save.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：8 | 回复：0
CVE漏洞

CVE-2020-25459

An issue was discovered in function sync_tree in hetero_decision_tree_guest.py in WeBank FATE (Federated AI Technology Enabler) 0.1 through 1.4.2 allows attackers to read sensitive information during ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：8 | 回复：0
CVE漏洞

CVE-2022-31295

An issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：8 | 回复：0
CVE漏洞

CVE-2022-31464

Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：17 | 回复：0
CVE漏洞

CVE-2022-27512

Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：15 | 回复：0
CVE漏洞

CVE-2022-27511

Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to co ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：72 | 回复：0
CVE漏洞

CVE-2022-24562

In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the vict ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：54 | 回复：0
CVE漏洞

CVE-2020-35597

Victor CMS 1.0 is vulnerable to SQL injection via c_id parameter of admin_edit_comment.php, p_id parameter of admin_edit_post.php, u_id parameter of admin_edit_user.php, and edit parameter of admin_up ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：28 | 回复：0
CVE漏洞

CVE-2022-32547

In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. W ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：34 | 回复：0
CVE漏洞

CVE-2022-32546

A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：28 | 回复：0
CVE漏洞

CVE-2022-32545

A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：57 | 回复：0
CVE漏洞

CVE-2022-31301

Haraj v3.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Post Ads component.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：27 | 回复：0
CVE漏洞

CVE-2022-31294

An issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：48 | 回复：0
CVE漏洞

CVE-2022-30664

Adobe Animate version 22.0.5 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this is ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：41 | 回复：0
CVE漏洞

CVE-2022-30657

Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Explo ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：41 | 回复：0
CVE漏洞

CVE-2022-30656

Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：39 | 回复：0
CVE漏洞

CVE-2022-30655

Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Explo ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：36 | 回复：0
CVE漏洞

CVE-2022-30654

Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：47 | 回复：0
CVE漏洞

CVE-2022-30653

Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：51 | 回复：0
CVE漏洞

CVE-2022-30652

Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：78 | 回复：0
CVE漏洞

CVE-2022-30651

Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an alloc ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：32 | 回复：0
CVE漏洞

CVE-2022-30650

Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：91 | 回复：0
CVE漏洞

CVE-2022-2085

A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_p ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：39 | 回复：0
CVE漏洞

CVE-2022-29866

OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to exhaust the memory resources of a server via a crafted request that triggers Uncontrolled Resource Consumption.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:06 | 阅读：37 | 回复：0