
Vulnerabilities

Subcategories:

  • CVE-2022-0611
    Improper Privilege Management in Packagist snipe/snipe-it prior to 5.3.11.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 108 | Replies: 0
  • CVE-2021-46252
    A Cross-Site Request Forgery (CSRF) in RequirementsBypassPage.php of Scratch Wiki scratch-confirmaccount-v3 allows attackers to modify account request requirement bypasses.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 78 | Replies: 0
  • CVE-2021-46251
    A reflected cross-site scripting (XSS) in ScratchOAuth2 before commit 1603f04e44ef67dde6ccffe866d2dca16defb293 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 107 | Replies: 0
  • CVE-2021-46250
    An issue in SOA2Login::commented of ScratchOAuth2 before commit a91879bd58fa83b09283c0708a1864cdf067c64a allows attackers to authenticate as other users on downstream components that rely on ScratchOA ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 63 | Replies: 0
  • CVE-2021-46249
    An authorization bypass exploited by a user-controlled key in SpecificApps REST API in ScratchOAuth2 before commit d856dc704b2504cd3b92cf089fdd366dd40775d6 allows app owners to set flags that indicate ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 48 | Replies: 0
  • CVE-2022-23643
    Sourcegraph is a code search and navigation engine. Sourcegraph versions 3.35 and 3.36 reintroduced a previously fixed side-channel vulnerability in the Code Monitoring feature where strings in priv ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 50 | Replies: 0
  • CVE-2021-35380
    A Directory Traversal vulnerability exists in Solari di Udine TermTalk Server (TTServer) 3.24.0.2, which lets an unauthenticated malicious user gain access to the files on the remote system by gaining ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 44 | Replies: 0
  • CVE-2022-23641
    Discourse is an open source discussion platform. In versions prior to 2.8.1 in the `stable` branch, 2.9.0.beta2 in the `beta` branch, and 2.9.0.beta2 in the `tests-passed` branch, users can trigger a ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 45 | Replies: 0
  • CVE-2021-46321
    Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via cr ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 44 | Replies: 0
  • CVE-2021-46265
    Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wanBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via cra ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 35 | Replies: 0
  • CVE-2021-46264
    Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the onlineList module. This vulnerability allows attackers to cause a Denial of Service (DoS) via craf ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 37 | Replies: 0
  • CVE-2021-46263
    Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiTime module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafte ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 33 | Replies: 0
  • CVE-2021-46262
    Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the PPPoE module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted o ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 37 | Replies: 0
  • CVE-2021-37354
    Xerox Phaser 4622 v35.013.01.000 was discovered to contain a buffer overflow in the function sub_3226AC via the TIMEZONE variable. This vulnerability allows attackers to cause a Denial of Service (DoS ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 28 | Replies: 0
  • CVE-2021-33945
    RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were di ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 37 | Replies: 0
  • CVE-2022-24589
    Burden v3.0 was discovered to contain a stored cross-site scripting (XSS) in the Add Category function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted paylo ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 41 | Replies: 0
  • CVE-2022-23639
    crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that th ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 49 | Replies: 0
  • CVE-2021-42714
    Splashtop Remote Client (Business Edition) through 3.4.8.3 creates a Temporary File in a Directory with Insecure Permissions.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 45 | Replies: 0
  • CVE-2021-42713
    Splashtop Remote Client (Personal Edition) through 3.4.6.1 creates a Temporary File in a Directory with Insecure Permissions.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 32 | Replies: 0
  • CVE-2022-22770
    The Web Server component of TIBCO Software Inc.'s TIBCO AuditSafe contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute API methods on ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 49 | Replies: 0
  • CVE-2021-43050
    The Auth Server component of TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition contains an easily exploitable vulnerability that allows an unauthenticated attacker with local access to ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 37 | Replies: 0
  • CVE-2021-43049
    The Database component of TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:30 | Views: 44 | Replies: 0
  • CVE-2022-25212
    A cross-site request forgery (CSRF) vulnerability in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 54 | Replies: 0
  • CVE-2022-25211
    A missing permission check in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server using attacker-specified credentials.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 58 | Replies: 0
  • CVE-2022-25210
    Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier uses static fields to store job configuration information, allowing attackers with Item/Configure permission to capture passwords of the jobs ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 51 | Replies: 0
  • CVE-2022-25209
    Jenkins Chef Sinatra Plugin 1.20 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 56 | Replies: 0
  • CVE-2022-25208
    A missing permission check in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers with Overall/Read permission to have Jenkins send an HTTP request to an attacker-controlled URL and have it ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 38 | Replies: 0
  • CVE-2022-25207
    A cross-site request forgery (CSRF) vulnerability in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 44 | Replies: 0
  • CVE-2022-25206
    A missing check in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified database via JDBC using attacker-specified credentials.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 44 | Replies: 0
  • CVE-2022-25205
    A cross-site request forgery (CSRF) vulnerability in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers to connect to an attacker-specified database via JDBC using attacker-specified credentia ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 50 | Replies: 0
  • CVE-2022-25204
    Jenkins Doktor Plugin 0.4.1 and earlier implements functionality that allows agent processes to render files on the controller as Markdown or Asciidoc, and error messages allow attackers able to contr ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 54 | Replies: 0
  • CVE-2022-25203
    Jenkins Team Views Plugin 0.9.0 and earlier does not escape team names, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Read permission.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 54 | Replies: 0
  • CVE-2022-25202
    Jenkins Promoted Builds (Simple) Plugin 1.9 and earlier does not escape the name of custom promotion levels, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers wit ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 37 | Replies: 0
  • CVE-2022-25201
    Missing permission checks in Jenkins Checkmarx Plugin 2022.1.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentia ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 59 | Replies: 0
  • CVE-2022-25200
    A cross-site request forgery (CSRF) vulnerability in Jenkins Checkmarx Plugin 2022.1.2 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials I ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 89 | Replies: 0
  • CVE-2022-25199
    A missing permission check in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credent ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 73 | Replies: 0
  • CVE-2022-25198
    A cross-site request forgery (CSRF) vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 57 | Replies: 0
  • CVE-2022-25197
    Jenkins HashiCorp Vault Plugin 336.v182c0fbaaeb7 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 40 | Replies: 0
  • CVE-2022-25196
    Jenkins GitLab Authentication Plugin 1.13 and earlier records the HTTP Referer header as part of the URL query parameters when the authentication process starts, allowing attackers with access to Jenk ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 33 | Replies: 0
  • CVE-2022-25195
    A missing permission check in Jenkins autonomiq Plugin 1.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 33 | Replies: 0
