• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

漏洞

RSS

下级分类:

  • CVE-2021-25115
    CVE-2021-25115
    The WP Photo Album Plus WordPress plugin before 8.0.10 was vulnerable to Stored Cross-Site Scripting (XSS). Error log content was handled improperly, therefore any user, even unauthenticated, could ca ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:114 | 回复:0
  • CVE-2021-25110
    CVE-2021-25110
    The Futurio Extra WordPress plugin before 1.6.3 allows any logged in user, such as subscriber, to extract any other user's email address.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:71 | 回复:0
  • CVE-2021-25109
    CVE-2021-25109
    The Futurio Extra WordPress plugin before 1.6.3 is affected by a SQL Injection vulnerability that could be used by high privilege users to extract data from the database as well as used to perform Cro ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:67 | 回复:0
  • CVE-2021-25107
    CVE-2021-25107
    The Form Store to DB WordPress plugin before 1.1.1 does not sanitise and escape parameter keys before outputting it back in the created entry, allowing unauthenticated attacker to perform Cross-Site S ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:72 | 回复:0
  • CVE-2021-25050
    CVE-2021-25050
    The Remove Footer Credit WordPress plugin before 1.0.11 does properly sanitise its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disa ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:65 | 回复:0
  • CVE-2021-25033
    CVE-2021-25033
    The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:53 | 回复:0
  • CVE-2021-25018
    CVE-2021-25018
    The PPOM for WooCommerce WordPress plugin before 24.0 does not have authorisation and CSRF checks in the ppom_settings_panel_action AJAX action, allowing any authenticated to call it and set arbitrary ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:38 | 回复:0
  • CVE-2021-25014
    CVE-2021-25014
    The Ibtana WordPress plugin before 1.1.4.9 does not have authorisation and CSRF checks in the ive_save_general_settings AJAX action, allowing any authenticated users, such as subscriber to call it and ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:42 | 回复:0
  • CVE-2021-24904
    CVE-2021-24904
    The Mortgage Calculators WP WordPress plugin before 1.56 does not implement any sanitisation on the color setting of the background of a calculator, which could allow high privilege users to perform S ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:21 | 回复:0
  • CVE-2021-24874
    CVE-2021-24874
    The Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue WordPress plugin before 3.1.31 does not escape the lang and pid parameter before outputting them back in attributes, leading to ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:17 | 回复:0
  • CVE-2021-24446
    CVE-2021-24446
    The Remove Footer Credit WordPress plugin before 1.0.6 does not have CSRF check in place when saving its settings, which could allow attacker to make logged in admins change them and lead to Stored XS ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:20 | 回复:0
  • CVE-2022-22765
    CVE-2022-22765
    BD Viper LT system, versions 2.0 and later, contains hardcoded credentials. If exploited, threat actors may be able to access, modify or delete sensitive information, including electronic protected he ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:21 | 回复:0
  • CVE-2022-0311
    CVE-2022-0311
    Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:19 | 回复:0
  • CVE-2022-0310
    CVE-2022-0310
    Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:19 | 回复:0
  • CVE-2022-0309
    CVE-2022-0309
    Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:19 | 回复:0
  • CVE-2022-0308
    CVE-2022-0308
    Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap co ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:14 | 回复:0
  • CVE-2022-0307
    CVE-2022-0307
    Use after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:13 | 回复:0
  • CVE-2022-0306
    CVE-2022-0306
    Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:15 | 回复:0
  • CVE-2022-0305
    CVE-2022-0305
    Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:17 | 回复:0
  • CVE-2022-0304
    CVE-2022-0304
    Use after free in Bookmarks in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a c ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:14 | 回复:0
  • CVE-2022-0302
    CVE-2022-0302
    Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted H ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:14 | 回复:0
  • CVE-2022-0301
    CVE-2022-0301
    Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted H ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:14 | 回复:0
  • CVE-2022-0300
    CVE-2022-0300
    Use after free in Text Input Method Editor in Google Chrome on Android prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially explo ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:11 | 回复:0
  • CVE-2022-0298
    CVE-2022-0298
    Use after free in Scheduling in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:10 | 回复:0
  • CVE-2022-0297
    CVE-2022-0297
    Use after free in Vulkan in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:13 | 回复:0
  • CVE-2022-0296
    CVE-2022-0296
    Use after free in Printing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:10 | 回复:0
  • CVE-2022-0295
    CVE-2022-0295
    Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a c ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:9 | 回复:0
  • CVE-2022-0294
    CVE-2022-0294
    Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML pag ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:9 | 回复:0
  • CVE-2022-0293
    CVE-2022-0293
    Use after free in Web packaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2022-0292
    CVE-2022-0292
    Inappropriate implementation in Fenced Frames in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2022-0291
    CVE-2022-0291
    Inappropriate implementation in Storage in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2022-0290
    CVE-2022-0290
    Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2022-0289
    CVE-2022-0289
    Use after free in Safe browsing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:6 | 回复:0
  • CVE-2022-0120
    CVE-2022-0120
    Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin data via a malicious website.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2022-0118
    CVE-2022-0118
    Inappropriate implementation in WebShare in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2022-0117
    CVE-2022-0117
    Policy bypass in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2022-0116
    CVE-2022-0116
    Inappropriate implementation in Compositing in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:6 | 回复:0
  • CVE-2022-0115
    CVE-2022-0115
    Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:6 | 回复:0
  • CVE-2022-0114
    CVE-2022-0114
    Out of bounds memory access in Blink Serial API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page and virtual serial port ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:6 | 回复:0
  • CVE-2022-0113
    CVE-2022-0113
    Inappropriate implementation in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:5 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap