
Vulnerabilities

Subcategories:

  • CVE-2022-24988
    In galois_2p8 before 0.1.2, PrimitivePolynomialField::new has an off-by-one buffer overflow for a vector.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 17 | Replies: 0
  • CVE-2021-45348
    An Arbitrary File Deletion vulnerability exists in SourceCodester Attendance Management System v1.0 via the csv parameter in admin/pageUploadCSV.php, which can cause a Denial of Service (crash).
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 18 | Replies: 0
  • CVE-2021-43106
    A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online (TWO) 5.3.33.3 F38 and FIMI 4.2.19.4 25. The HTTP host header can be manipulated and cause t ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 16 | Replies: 0
  • CVE-2019-16864
    CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 21 | Replies: 0
  • CVE-2022-25150
    In Malwarebytes Binisoft Windows Firewall Control before 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 19 | Replies: 0
  • CVE-2022-0579
    Improper Privilege Management in Packagist snipe/snipe-it prior to 5.3.9.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 17 | Replies: 0
  • CVE-2021-45347
    An Incorrect Access Control vulnerability exists in zzcms 8.2, which lets a malicious user bypass authentication by changing the user name in the cookie to use any password.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 16 | Replies: 0
  • CVE-2021-45346
    A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subse ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 19 | Replies: 0
  • CVE-2022-23367
    Fulusso v1.1 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability in /BindAccount/SuccessTips.js. This vulnerability allows attackers to inject malicious code into a victim u ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 18 | Replies: 0
  • CVE-2022-22854
    An access control issue in hprms/admin/?page=user/list of Hospital Patient Record Management System v1.0 allows attackers to escalate privileges via accessing and editing the user list.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 18 | Replies: 0
  • CVE-2021-39080
    Due to weak obfuscation, IBM Cognos Analytics Mobile for Android application prior to version 1.1.14, an attacker could be able to reverse engineer the codebase to gain knowledge about the programmin ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 20 | Replies: 0
  • CVE-2021-39079
    IBM Cognos Analytics Mobile for Android applications prior to version 1.1.14 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thu ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 20 | Replies: 0
  • CVE-2021-45392
    A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in page /goform/setIPv6Status via the prefixDelegate parameter, which causes a Denial of Service.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 15 | Replies: 0
  • CVE-2022-0512
    Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 17 | Replies: 0
  • CVE-2021-46371
    antd-admin 5.5.0 is affected by an incorrect access control vulnerability. Unauthorized access to some interfaces in the foreground leads to leakage of sensitive information.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 13 | Replies: 0
  • CVE-2022-24686
    HashiCorp Nomad and Nomad Enterprise 0.3.0 through 1.0.17, 1.1.11, and 1.2.5 artifact download functionality has a race condition such that the Nomad client agent could download the wrong artifact int ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 12 | Replies: 0
  • CVE-2021-45421
    ** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the file ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 13 | Replies: 0
  • CVE-2021-45420
    ** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 10 | Replies: 0
  • CVE-2022-24977
    ImpressCMS before 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 10 | Replies: 0
  • CVE-2022-24976
    Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 9 | Replies: 0
  • CVE-2022-24110
    Kiteworks MFT 7.5 may allow an unauthorized user to reset other users' passwords. This is fixed in version 7.6 and later.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 9 | Replies: 0
  • CVE-2022-0576
    Cross-site Scripting (XSS) - Generic in Packagist librenms/librenms prior to 22.1.0.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 12 | Replies: 0
  • CVE-2022-0575
    Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.2.0.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 13 | Replies: 0
  • CVE-2022-0572
    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 13 | Replies: 0
  • CVE-2022-0571
    Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 15 | Replies: 0
  • CVE-2022-0570
    Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 18 | Replies: 0
  • CVE-2022-0569
    Exposure of Sensitive Information to an Unauthorized Actor in Packagist snipe/snipe-it prior to v5.3.9.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 20 | Replies: 0
  • CVE-2022-0565
    Exposure of Sensitive Information to an Unauthorized Actor in Packagist pimcore/pimcore prior to 10.3.1.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 22 | Replies: 0
  • CVE-2022-0214
    The Popup | Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 20 | Replies: 0
  • CVE-2022-0212
    The SpiderCalendar WordPress plugin through 1.5.65 does not sanitise and escape the callback parameter before outputting it back in the page via the window AJAX action (available to both unauthenticat ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 22 | Replies: 0
  • CVE-2022-0208
    The MapPress Maps for WordPress plugin before 2.73.4 does not sanitise and escape the mapid parameter before outputting it back in the Bad mapid error message, leading to a Reflected Cross-Site Script ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 23 | Replies: 0
  • CVE-2022-0206
    The NewStatPress WordPress plugin before 1.3.6 does not properly escape the whatX parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 26 | Replies: 0
  • CVE-2022-0201
    The Permalink Manager Lite WordPress plugin before 2.2.15 and Permalink Manager Pro WordPress plugin before 2.2.15 do not sanitise and escape query parameters before outputting them back in the debug ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 29 | Replies: 0
  • CVE-2022-0200
    Themify Portfolio Post WordPress plugin before 1.1.7 does not sanitise and escape the num_of_pages parameter before outputting it back the response of the themify_create_popup_page_pagination AJAX act ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 34 | Replies: 0
  • CVE-2022-0193
    The Complianz WordPress plugin before 6.0.0 does not escape the s parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 40 | Replies: 0
  • CVE-2022-0190
    The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.6 is affected by a SQL Injection in the id parameter of the delete action.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 34 | Replies: 0
  • CVE-2022-0188
    The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 46 | Replies: 0
  • CVE-2022-0176
    The PowerPack Lite for Beaver Builder WordPress plugin before 1.2.9.3 does not sanitise and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scrip ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 90 | Replies: 0
  • CVE-2021-45444
    In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansio ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 106 | Replies: 0
  • CVE-2021-44879
    In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 152 | Replies: 0
