• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

漏洞

RSS

下级分类:

  • CVE-2021-4220
    CVE-2021-4220
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:6 | 回复:0
  • CVE-2021-4134
    CVE-2021-4134
    The Fancy Product Designer WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the ID parameter found in the ~/inc/api/class-view.php file which allows ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:6 | 回复:0
  • CVE-2021-4106
    CVE-2021-4106
    A vulnerability in Snow Inventory Java Scanner allows an attacker to run malicious code at a higher level of privileges. This issue affects: SNOW Snow Inventory Java Scanner 1.0……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:8 | 回复:0
  • CVE-2021-3648
    CVE-2021-3648
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3530. Reason: This candidate is a reservation duplicate of CVE-2021-3530. Notes: All CVE users should reference CVE-2021-3530 instea ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:8 | 回复:0
  • CVE-2021-3557
    CVE-2021-3557
    A flaw was found in argocd. Any unprivileged user is able to deploy argocd in their namespace and with the created ServiceAccount argocd-argocd-server, the unprivileged user is able to read all resour ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:8 | 回复:0
  • CVE-2021-3551
    CVE-2021-3551
    A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file t ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:7 | 回复:0
  • CVE-2021-39301
    CVE-2021-39301
    Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:9 | 回复:0
  • CVE-2021-39300
    CVE-2021-39300
    Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:9 | 回复:0
  • CVE-2021-39299
    CVE-2021-39299
    Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:9 | 回复:0
  • CVE-2021-39298
    CVE-2021-39298
    A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used b ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:8 | 回复:0
  • CVE-2021-39297
    CVE-2021-39297
    Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:9 | 回复:0
  • CVE-2021-23682
    CVE-2021-23682
    This affects the package litespeed.js before 0.3.12; the package appwrite/server-ce from 0.12.0 and before 0.12.2, before 0.11.1. When parsing the query string in the getJsonFromUrl function, the key ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:9 | 回复:0
  • CVE-2021-22050
    CVE-2021-22050
    ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor with network access to ESXi may exploit this issue to create a denial-of-service condition by overwhelmi ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:9 | 回复:0
  • CVE-2021-22043
    CVE-2021-22043
    VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way temporary files are handled. A malicious actor with access to settingsd, may exploit this issue to escala ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:10 | 回复:0
  • CVE-2021-22042
    CVE-2021-22042
    VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to acc ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:12 | 回复:0
  • CVE-2021-22041
    CVE-2021-22041
    VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:11 | 回复:0
  • CVE-2021-22040
    CVE-2021-22040
    VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this iss ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:11 | 回复:0
  • CVE-2021-21966
    CVE-2021-21966
    An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of Texas Instruments CC3200 SimpleLink Solution NWP 2.9.0.0. A specially-crafted HTTP request can lead to an ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:11 | 回复:0
  • CVE-2021-21958
    CVE-2021-21958
    A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potent ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:11 | 回复:0
  • CVE-2020-6922
    CVE-2020-6922
    Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:14 | 回复:0
  • CVE-2020-6921
    CVE-2020-6921
    Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:13 | 回复:0
  • CVE-2020-6920
    CVE-2020-6920
    Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:12 | 回复:0
  • CVE-2020-6919
    CVE-2020-6919
    Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:13 | 回复:0
  • CVE-2020-6918
    CVE-2020-6918
    Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:11 | 回复:0
  • CVE-2020-6917
    CVE-2020-6917
    Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:14 | 回复:0
  • CVE-2019-4352
    CVE-2019-4352
    IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code. IBM X-Force ID: 161494.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:16 | 回复:0
  • CVE-2019-4351
    CVE-2019-4351
    IBM Maximo Anywhere 7.6.4.0 applications could disclose sensitive information to a user with physical access to the device. IBM X-Force ID: 161493.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:17 | 回复:0
  • CVE-2019-4291
    CVE-2019-4291
    IBM Maximo Anywhere 7.6.4.0 could allow an attacker to reverse engineer the application due to the lack of binary protection precautions. IBM X-Force ID: 160697.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:17 | 回复:0
  • CVE-2021-26726
    CVE-2021-26726
    A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517, allows an attacker to execute commands with SYSTEM privileges This issue affects: Valmet DNA versions f ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:22 | 回复:0
  • CVE-2021-45391
    CVE-2021-45391
    A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in the goform/setIPv6Status binary file /usr/sbin/httpd via the conType parameter, which causes a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:21 | 回复:0
  • CVE-2022-23358
    CVE-2022-23358
    EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search terms provided by the user were not sanitized and were used directly to construct a SQL statement.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:24 | 回复:0
  • CVE-2022-0559
    CVE-2022-0559
    Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:23 | 回复:0
  • CVE-2021-46388
    CVE-2021-46388
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: Reason: The issue is not a vulnerability (fails CNT2) - Has no impact on availability, integrity or confidence as only documented html templa ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:25 | 回复:0
  • CVE-2022-0614
    CVE-2022-0614
    Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:19 | 回复:0
  • CVE-2022-0613
    CVE-2022-0613
    Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:23 | 回复:0
  • CVE-2022-0612
    CVE-2022-0612
    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:25 | 回复:0
  • CVE-2022-25242
    CVE-2022-25242
    In FileCloud before 21.3, file upload is not protected against Cross-Site Request Forgery (CSRF).……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:56 | 回复:0
  • CVE-2022-25241
    CVE-2022-25241
    In FileCloud before 21.3, the CSV user import functionality is vulnerable to Cross-Site Request Forgery (CSRF).……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:55 | 回复:0
  • CVE-2022-25236
    CVE-2022-25236
    xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:51 | 回复:0
  • CVE-2022-25235
    CVE-2022-25235
    xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:30 | 阅读:71 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap