• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

漏洞

RSS

下级分类:

  • CVE-2021-46558
    CVE-2021-46558
    Multiple cross-site scripting (XSS) vulnerabilities in the Add User module of Issabel PBX 20200102 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the use ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:93 | 回复:0
  • CVE-2021-46557
    CVE-2021-46557
    Vicidial 2.14-783a was discovered to contain a cross-site scripting (XSS) vulnerability via the input tabs.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:54 | 回复:0
  • CVE-2022-0589
    CVE-2022-0589
    Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.1.0.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:40 | 回复:0
  • CVE-2022-0588
    CVE-2022-0588
    Exposure of Sensitive Information to an Unauthorized Actor in Packagist librenms/librenms prior to 22.2.0.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:38 | 回复:0
  • CVE-2022-0587
    CVE-2022-0587
    Improper Authorization in Packagist librenms/librenms prior to 22.2.0.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:43 | 回复:0
  • CVE-2021-43948
    CVE-2021-43948
    Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view the names of private objects via an Improper Authorization vulnerability in t ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:49 | 回复:0
  • CVE-2021-43941
    CVE-2021-43941
    Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify several resources (including CsvFieldMappingsPage.jspa and ImporterValueMappingsPage.jspa) via a Cross-Site ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:56 | 回复:0
  • CVE-2021-43940
    CVE-2021-43940
    Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Conflue ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:35 | 回复:0
  • CVE-2021-43953
    CVE-2021-43953
    Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to toggle the Thread Contention and CPU monitoring settings via a Cross-Site Request Forgery (CSRF) vu ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:74 | 回复:0
  • CVE-2021-43950
    CVE-2021-43950
    Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view import source configuration information via a Broken Access Control vulnerabi ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:34 | 回复:0
  • CVE-2021-43952
    CVE-2021-43952
    Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to restore the default configuration of fields via a Cross-Site Request Forgery (CSRF) vulnerability i ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:27 | 回复:0
  • CVE-2022-21818
    CVE-2022-21818
    NVIDIA License System contains a vulnerability in the installation scripts for the DLS virtual appliance, where a user on a network after signing in to the portal can access other users’ credentials, ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:29 | 回复:0
  • CVE-2022-0580
    CVE-2022-0580
    Improper Access Control in Packagist librenms/librenms prior to 22.2.0.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:29 | 回复:0
  • CVE-2022-25139
    CVE-2022-25139
    njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in njs_await_fulfilled.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:38 | 回复:0
  • CVE-2022-24705
    CVE-2022-24705
    The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:46 | 回复:0
  • CVE-2022-24704
    CVE-2022-24704
    The rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from a buffer overflow vulnerability, whereby user input len is copied into a fixed buffer attr-val.integer without any bound ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:43 | 回复:0
  • CVE-2022-23992
    CVE-2022-23992
    XCOM Data Transport for Windows, Linux, and UNIX 11.6 releases contain a vulnerability due to insufficient input validation that could potentially allow remote attackers to execute arbitrary commands ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:55 | 回复:0
  • CVE-2022-23410
    CVE-2022-23410
    AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:61 | 回复:0
  • CVE-2022-0586
    CVE-2022-0586
    Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:46 | 回复:0
  • CVE-2022-0583
    CVE-2022-0583
    Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:31 | 回复:0
  • CVE-2022-0582
    CVE-2022-0582
    Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:43 | 回复:0
  • CVE-2022-0581
    CVE-2022-0581
    Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:39 | 回复:0
  • CVE-2021-4201
    CVE-2021-4201
    Missing access control in ForgeRock Access Management 7.1.0 and earlier versions on all platforms allows remote unauthenticated attackers to hijack sessions, including potentially admin-level sessions ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:23 | 回复:0
  • CVE-2021-46463
    CVE-2021-46463
    njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in njs_promise_perform_then().……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:25 | 回复:0
  • CVE-2021-46462
    CVE-2021-46462
    njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:23 | 回复:0
  • CVE-2021-46461
    CVE-2021-46461
    njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_vmcode.c.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:22 | 回复:0
  • CVE-2021-45005
    CVE-2021-45005
    Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:22 | 回复:0
  • CVE-2022-24206
    CVE-2022-24206
    Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal/get_seal.php via the DEVICE_LIST parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:18 | 回复:0
  • CVE-2022-23902
    CVE-2022-23902
    Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via the d_name parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:22 | 回复:0
  • CVE-2022-23638
    CVE-2022-23638
    svg-sanitizer is a SVG/XML sanitizer written in PHP. A cross-site scripting vulnerability impacts all users of the `svg-sanitizer` library prior to version 0.15.0. This issue is fixed in version 0.15. ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:17 | 回复:0
  • CVE-2022-23637
    CVE-2022-23637
    K-Box is a web-based application to manage documents, images, videos and geodata. Prior to version 0.33.1, a stored Cross-Site-Scripting (XSS) vulnerability is present in the markdown editor used by t ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:18 | 回复:0
  • CVE-2022-23391
    CVE-2022-23391
    A cross-site scripting (XSS) vulnerability in Pybbs v6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Search box.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:19 | 回复:0
  • CVE-2022-23390
    CVE-2022-23390
    An issue in the getType function of BBS Forum v5.3 and below allows attackers to upload arbitrary files.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:23 | 回复:0
  • CVE-2022-23389
    CVE-2022-23389
    PublicCMS v4.0 was discovered to contain a remote code execution (RCE) vulnerability via the cmdarray parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:17 | 回复:0
  • CVE-2022-23337
    CVE-2022-23337
    DedeCMS v5.7.87 was discovered to contain a SQL injection vulnerability in article_coonepage_rule.php via the ids parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:20 | 回复:0
  • CVE-2022-23336
    CVE-2022-23336
    S-CMS v5.0 was discovered to contain a SQL injection vulnerability in member_pay.php via the O_id parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:17 | 回复:0
  • CVE-2022-23335
    CVE-2022-23335
    Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in language_general.class.php via doModifyParameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:17 | 回复:0
  • CVE-2022-22295
    CVE-2022-22295
    Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in parameter_admin.class.php via the table_para parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:16 | 回复:0
  • CVE-2021-45310
    CVE-2021-45310
    Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information disclosure vulnerability due to an improper access restriction. Users information such as first name, last name, ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:16 | 回复:0
  • CVE-2019-25057
    CVE-2019-25057
    In Corda before 4.1, the meaning of serialized data can be modified via an attacker-controlled CustomSerializer.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:17 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap