Vulnerabilities

Subcategories:

  • CVE-2020-13675
    Drupal's JSON:API and REST/File modules allow file uploads through their HTTP APIs. The modules do not correctly run all file validation, which causes an access bypass vulnerability. An attacker m ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 23 | Replies: 0
  • CVE-2020-13674
    The QuickEdit module does not properly validate access to routes, which could allow cross-site request forgery under some circumstances and lead to possible data integrity issues. Sites are only affec ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 24 | Replies: 0
  • CVE-2020-13673
    The Entity Embed module provides a filter to allow embedding entities in content fields. In certain circumstances, the filter could allow an unprivileged user to inject HTML into a page when it is acc ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 24 | Replies: 0
  • CVE-2020-13672
    Cross-site Scripting (XSS) vulnerability in Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. This issue affects: Drupal Core 9.1.x versions ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 26 | Replies: 0
  • CVE-2020-13670
    Information Disclosure vulnerability in file module of Drupal Core allows an attacker to gain access to the file metadata of a permanent private file that they do not have access to by guessing the ID ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 29 | Replies: 0
  • CVE-2020-13669
    Cross-site Scripting (XSS) vulnerability in ckeditor of Drupal Core allows attacker to inject XSS. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prior to 8.9.6; 9.0.x ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 29 | Replies: 0
  • CVE-2020-13668
    Access Bypass vulnerability in Drupal Core allows for an attacker to leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupal Core 8. ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 32 | Replies: 0
  • CVE-2021-45402
    The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain poten ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 47 | Replies: 0
  • CVE-2021-38679
    An improper authentication vulnerability has been reported to affect QNAP NAS running Kazoo Server. If exploited, this vulnerability allows attackers to compromise the security of the system. We have ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 34 | Replies: 0
  • CVE-2022-24289
    Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne's optional Remote Object Persistence (ROP) feature is a web services-based technology that provi ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 28 | Replies: 0
  • CVE-2022-24112
    An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 25 | Replies: 0
  • CVE-2022-0560
    Open Redirect in Packagist microweber/microweber prior to 1.2.11.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 24 | Replies: 0
  • CVE-2021-46355
    OCS Inventory 2.9.1 is affected by Cross Site Scripting (XSS). To exploit the vulnerability, the attacker needs to manipulate the name of some device on your computer, such as a printer, replacing the ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 24 | Replies: 0
  • CVE-2021-44521
    When running Apache Cassandra with the following configuration: enable_user_defined_functions: true enable_scripted_user_defined_functions: true enable_user_defined_functions_threads: false it is poss ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 23 | Replies: 0
  • CVE-2021-35077
    Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Sna ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 19 | Replies: 0
  • CVE-2021-35075
    Possible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 20 | Replies: 0
  • CVE-2021-35074
    Possible integer overflow due to improper fragment datatype while calculating number of fragments in a request message in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdrago ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 22 | Replies: 0
  • CVE-2021-35069
    Improper validation of data length received from DMA buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industri ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 20 | Replies: 0
  • CVE-2021-35068
    Lack of null check while freeing the device information buffer in the Bluetooth HFP protocol can lead to a NULL pointer dereference in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Sna ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 17 | Replies: 0
  • CVE-2021-30326
    Possible assertion due to improper size validation while processing the DownlinkPreemption IE in an RRC Reconfiguration/RRC Setup message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 17 | Replies: 0
  • CVE-2021-30325
    Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snap ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 15 | Replies: 0
  • CVE-2021-30324
    Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Sn ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 13 | Replies: 0
  • CVE-2021-30323
    Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobil ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 13 | Replies: 0
  • CVE-2021-30322
    Possible out of bounds write due to improper validation of number of GPIOs configured in an internal parameters array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consum ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 12 | Replies: 0
  • CVE-2021-30318
    Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industria ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 11 | Replies: 0
  • CVE-2021-30317
    Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Co ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 10 | Replies: 0
  • CVE-2021-30309
    Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 9 | Replies: 0
  • CVE-2022-0557
    OS Command Injection in Packagist microweber/microweber prior to 1.2.11.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 9 | Replies: 0
  • CVE-2022-24961
    In Portainer Agent before 2.11.1, an API server can continue running even if not associated with a Portainer instance in the past few days.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 9 | Replies: 0
  • CVE-2022-24959
    An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 8 | Replies: 0
  • CVE-2022-24958
    drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-buf release.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 8 | Replies: 0
  • CVE-2022-24955
    Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have an Uncontrolled Search Path Element for DLL files.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 6 | Replies: 0
  • CVE-2022-24954
    Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow related to XFA, for the 'subform colSpan=-2' and 'draw colSpan=1' substrings. ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 6 | Replies: 0
  • CVE-2022-23806
    Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 6 | Replies: 0
  • CVE-2022-23773
    cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 6 | Replies: 0
  • CVE-2022-23772
    Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 6 | Replies: 0
  • CVE-2022-24647
    Cuppa CMS v1.0 was discovered to contain an arbitrary file deletion vulnerability via the unlink() function.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 6 | Replies: 0
  • CVE-2022-24646
    Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/contact.php via the txtMsg parameters.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 6 | Replies: 0
  • CVE-2021-44970
    MiniCMS v1.11 was discovered to contain a cross-site scripting (XSS) vulnerability via /mc-admin/page-edit.php.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 6 | Replies: 0
  • CVE-2021-44969
    Taocms v3.0.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Management Column component.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:29 | Views: 6 | Replies: 0
