• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2022-31763
    CVE漏洞
    CVE-2022-31763
    The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:9 | 回复:0
  • CVE-2022-31762
    CVE漏洞
    CVE-2022-31762
    The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:10 | 回复:0
  • CVE-2022-31759
    CVE漏洞
    CVE-2022-31759
    AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:10 | 回复:0
  • CVE-2022-31758
    CVE漏洞
    CVE-2022-31758
    The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:10 | 回复:0
  • CVE-2022-31756
    CVE漏洞
    CVE-2022-31756
    The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:10 | 回复:0
  • CVE-2022-31755
    CVE漏洞
    CVE-2022-31755
    The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:9 | 回复:0
  • CVE-2022-31751
    CVE漏洞
    CVE-2022-31751
    The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:10 | 回复:0
  • CVE-2021-46814
    CVE漏洞
    CVE-2021-46814
    The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:9 | 回复:0
  • CVE-2022-30311
    CVE漏洞
    CVE-2022-30311
    In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint cecc-x-refresh-request POST request doesn’t check for port syntax. This can result in unauthorized execution o ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:10 | 回复:0
  • CVE-2022-30310
    CVE漏洞
    CVE-2022-30310
    In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint cecc-x-acknerr-request POST request doesn’t check for port syntax. This can result in unauthorized execution o ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:10 | 回复:0
  • CVE-2022-30309
    CVE漏洞
    CVE-2022-30309
    In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint cecc-x-web-viewer-request-off POST request doesn’t check for port syntax. This can result in unauthorized exec ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:10 | 回复:0
  • CVE-2022-30308
    CVE漏洞
    CVE-2022-30308
    In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint cecc-x-web-viewer-request-on POST request doesn’t check for port syntax. This can result in unauthorized execu ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:10 | 回复:0
  • CVE-2022-29244
    CVE漏洞
    CVE-2022-29244
    npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag (ie. `--workspaces`, `--workspace=name`). Anyone who has run `npm pack` ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:10 | 回复:0
  • CVE-2022-24077
    CVE漏洞
    CVE-2022-24077
    Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:12 | 回复:0
  • CVE-2022-1969
    CVE漏洞
    CVE-2022-1969
    The Mobile browser color select plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the ad ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:13 | 回复:0
  • CVE-2022-1961
    CVE漏洞
    CVE-2022-1961
    The Google Tag Manager for WordPress (GTM4WP) plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the `gtm4wp-options` parameter found in the `~/public/frontend.php` f ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:13 | 回复:0
  • CVE-2022-1820
    CVE漏洞
    CVE-2022-1820
    The Keep Backup Daily plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘t’ parameter in versions up to, and including, 2.0.2 due to insufficient input sanitization and ou ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:16 | 回复:0
  • CVE-2022-1768
    CVE漏洞
    CVE-2022-1768
    The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficient escaping and parameterization on user supplied data passed to multiple SQL queries in the ~/rsvpma ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:15 | 回复:0
  • CVE-2022-1750
    CVE漏洞
    CVE-2022-1750
    The Sticky Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ popup_title' parameter in versions up to, and including, 1.2 due to insufficient input sanitization an ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:15 | 回复:0
  • CVE-2022-1749
    CVE漏洞
    CVE-2022-1749
    The WPMK Ajax Finder WordPress plugin is vulnerable to Cross-Site Request Forgery via the createplugin_atf_admin_setting_page() function found in the ~/inc/config/create-plugin-config.php file due to ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:15 | 回复:0
  • CVE-2022-1659
    CVE漏洞
    CVE-2022-1659
    Vulnerable versions of the JupiterX Core (= 2.0.6) plugin register an AJAX action jupiterx_conditional_manager which can be used to call any function in the includes/condition/class-condition-manager. ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:16 | 回复:0
  • CVE-2022-1658
    CVE漏洞
    CVE-2022-1658
    Vulnerable versions of the Jupiter Theme (= 6.10.1) allow arbitrary plugin deletion by any authenticated user, including users with the subscriber role, via the abb_remove_plugin AJAX action registere ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:18 | 回复:0
  • CVE-2022-1657
    CVE漏洞
    CVE-2022-1657
    Vulnerable versions of the Jupiter (= 6.10.1) and JupiterX (= 2.0.6) Themes allow logged-in users, including subscriber-level users, to perform Path Traversal and Local File inclusion. In the JupiterX ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:19 | 回复:0
  • CVE-2022-1654
    CVE漏洞
    CVE-2022-1654
    Jupiter Theme = 6.10.1 and JupiterX Core Plugin = 2.0.7 allow any authenticated attacker, including a subscriber or customer-level attacker, to gain administrative privileges via the abb_uninstall_tem ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:22 | 回复:0
  • CVE-2022-0209
    CVE漏洞
    CVE-2022-0209
    The Mitsol Social Post Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.10 due to insufficient input sanitization and output escaping on the a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:22 | 回复:0
  • CVE-2022-31400
    CVE漏洞
    CVE-2022-31400
    A cross-site scripting (XSS) vulnerability in /staff/setup/email-addresses of Helpdeskz v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email n ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:26 | 回复:0
  • CVE-2022-31398
    CVE漏洞
    CVE-2022-31398
    A cross-site scripting (XSS) vulnerability in /staff/tools/custom-fields of Helpdeskz v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email nam ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:29 | 回复:0
  • CVE-2022-31041
    CVE漏洞
    CVE-2022-31041
    Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensi ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:28 | 回复:0
  • CVE-2022-2067
    CVE漏洞
    CVE-2022-2067
    SQL Injection in GitHub repository francoisjacquet/rosariosis prior to 9.0.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:29 | 回复:0
  • CVE-2022-2066
    CVE漏洞
    CVE-2022-2066
    Cross-site Scripting (XSS) - Reflected in GitHub repository neorazorx/facturascripts prior to 2022.06.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:20 | 回复:0
  • CVE-2022-2065
    CVE漏洞
    CVE-2022-2065
    Cross-site Scripting (XSS) - Stored in GitHub repository neorazorx/facturascripts prior to 2022.06.……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:22 | 回复:0
  • CVE-2022-1985
    CVE漏洞
    CVE-2022-1985
    The Download Manager Plugin for WordPress is vulnerable to reflected Cross-Site Scripting in versions up to, and including 3.2.42. This is due to insufficient input sanitization and output escaping on ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:21 | 回复:0
  • CVE-2022-1918
    CVE漏洞
    CVE-2022-1918
    The ToolBar to Share plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0. This is due to missing nonce validation on the plugin_toolbar_comparte page ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:21 | 回复:0
  • CVE-2022-1900
    CVE漏洞
    CVE-2022-1900
    The Copify plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.0. This is due to missing nonce validation on the CopifySettings page. This makes it p ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:18 | 回复:0
  • CVE-2022-1822
    CVE漏洞
    CVE-2022-1822
    The Zephyr Project Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘project’ parameter in versions up to, and including, 3.2.40 due to insufficient input sanitiz ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:19 | 回复:0
  • CVE-2022-1814
    CVE漏洞
    CVE-2022-1814
    The WP Admin Style WordPress plugin through 0.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:17 | 回复:0
  • CVE-2022-1800
    CVE漏洞
    CVE-2022-1800
    The Export any WordPress data to XML/CSV WordPress plugin before 1.3.5 does not sanitize the cpt POST parameter when exporting post data before using it in a database query, leading to an SQL injectio ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:16 | 回复:0
  • CVE-2022-1793
    CVE漏洞
    CVE-2022-1793
    The Private Files WordPress plugin through 0.40 is missing CSRF check when disabling the protection, which could allow attackers to make a logged in admin perform such action via a CSRF attack and mak ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:16 | 回复:0
  • CVE-2022-1792
    CVE漏洞
    CVE-2022-1792
    The Quick Subscribe WordPress plugin through 1.7.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:14 | 回复:0
  • CVE-2022-1791
    CVE漏洞
    CVE-2022-1791
    The One Click Plugin Updater WordPress plugin through 2.4.14 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 09:04 | 阅读:11 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap