Vulnerabilities

Subcategories:

  • CVE-2022-0538
    Jenkins 2.333 and earlier, LTS 2.319.2 and earlier defines custom XStream converters that have not been updated to apply the protections for the vulnerability CVE-2021-43859 and allow unconstrained re ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 117 | Replies: 0
  • CVE-2021-46360
    Authenticated remote code execution (RCE) in Composr-CMS 10.0.39 and earlier allows remote attackers to execute arbitrary code via uploading a PHP shell through /adminzone/index.php?page=admin-command ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 86 | Replies: 0
  • CVE-2021-46354
    Thinfinity VirtualUI 2.1.28.0, 2.1.32.1 and 2.5.26.2, fixed in version 3.0 is affected by an information disclosure vulnerability in the parameter Addr in cmd site. The ability to send requests to oth ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 82 | Replies: 0
  • CVE-2022-23378
    A Cross-Site Scripting (XSS) vulnerability exists within the 3.2.2 version of TastyIgniter. The items%5B0%5D%5Bpath%5D parameter of a request made to /admin/allergens/edit/1 is vulnerable.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 84 | Replies: 0
  • CVE-2021-40837
    A vulnerability affecting F-Secure antivirus engine before Capricorn update 2022-02-01_01 was discovered whereby decompression of ACE file causes the scanner service to stop. The vulnerability can be ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 55 | Replies: 0
  • CVE-2021-25939
    In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a Foxx service from a publicly available URL. This feature does not enforce proper filtering of requests per ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 59 | Replies: 0
  • CVE-2022-0536
    Exposure of Sensitive Information to an Unauthorized Actor in NPM follow-redirects prior to 1.14.8.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 64 | Replies: 0
  • CVE-2021-37852
    ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by attacker to escalate privileges in the context of NT AUTHORITY\SYSTEM.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 58 | Replies: 0
  • CVE-2022-24694
    In Mahara 20.10 before 20.10.4, 21.04 before 21.04.3, and 21.10 before 21.10.1, the names of folders in the Files area can be seen by a person not owning the folders. (Only folder names are affected. ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 74 | Replies: 0
  • CVE-2022-0527
    Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.2.0.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 84 | Replies: 0
  • CVE-2022-0526
    Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.2.0.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 81 | Replies: 0
  • CVE-2022-24682
    An issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 (update 1), as exploited in the wild starting in December 2021. An attacker could place HTML ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 164 | Replies: 0
  • CVE-2022-0525
    Out-of-bounds Read in Homebrew mruby prior to 3.2.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 76 | Replies: 0
  • CVE-2022-24677
    Admin.php in HYBBS2 through 2.3.2 allows remote code execution because it writes plugin-related configuration information to conf.php.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 73 | Replies: 0
  • CVE-2022-24676
    update_code in Admin.php in HYBBS2 through 2.3.2 allows arbitrary file upload via a crafted ZIP archive.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 92 | Replies: 0
  • CVE-2022-23627
    ArchiSteamFarm (ASF) is a C# application with primary purpose of idling Steam cards from multiple accounts simultaneously. Due to a bug in ASF code, introduced in version V5.2.2.2, the program didn&#3 ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 63 | Replies: 0
  • CVE-2021-45919
    Studio 42 elFinder through 2.1.31 allows XSS via an SVG document.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 65 | Replies: 0
  • CVE-2021-45329
    Cross Site Scripting (XSS) vulnerability exists in Gitea before 1.5.1 via the repository settings inside the external wiki/issue tracker URL field.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 81 | Replies: 0
  • CVE-2022-23626
    m1k1o/blog is a lightweight self-hosted facebook-styled PHP blog. Errors from functions `imagecreatefrom*` and `image*` have not been checked properly. Although PHP issued warnings and the upload func ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 99 | Replies: 0
  • CVE-2022-0524
    Business Logic Errors in GitHub repository publify/publify prior to 9.2.7.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 103 | Replies: 0
  • CVE-2022-21713
    Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. `/teams/:teamId` will a ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 214 | Replies: 0
  • CVE-2022-21703
    Grafana is an open-source platform for monitoring and observability. Affected versions are subject to a cross site request forgery vulnerability which allows attackers to elevate their privileges by m ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 116 | Replies: 0
  • CVE-2022-0523
    Expired Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.2.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 76 | Replies: 0
  • CVE-2022-0522
    Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 76 | Replies: 0
  • CVE-2022-0521
    Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 52 | Replies: 0
  • CVE-2022-0520
    Use After Free in NPM radare2.js prior to 5.6.2.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 59 | Replies: 0
  • CVE-2022-0519
    Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 59 | Replies: 0
  • CVE-2022-0518
    Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 42 | Replies: 0
  • CVE-2022-21702
    Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content thru the Grafana datasource or plugin proxy and trick a user to visit thi ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 37 | Replies: 0
  • CVE-2022-0139
    Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 32 | Replies: 0
  • CVE-2021-45328
    Gitea before 1.4.3 is affected by URL Redirection to Untrusted Site ('Open Redirect') via internal URLs.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 33 | Replies: 0
  • CVE-2022-0510
    Cross-site Scripting (XSS) - Reflected in Packagist pimcore/pimcore prior to 10.3.1.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 26 | Replies: 0
  • CVE-2021-45327
    Gitea before 1.11.2 is affected by Trusting HTTP Permission Methods on the Server Side when referencing the vulnerable admin or user API, which could let a remote malicious user execute arbitrary code ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 20 | Replies: 0
  • CVE-2021-45326
    Cross Site Request Forgery (CSRF) vulnerability exists in Gitea before 1.5.2 via API routes. This can be dangerous especially with state altering POST requests.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 19 | Replies: 0
  • CVE-2021-45325
    Server Side Request Forgery (SSRF) vulnerability exists in Gitea before 1.7.0 using the OpenID URL.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 15 | Replies: 0
  • CVE-2021-44957
    Global buffer overflow vulnerability exists in ffjpeg through 01.01.2021. It is similar to CVE-2020-23705. Issue is in the jfif_encode function at ffjpeg/src/jfif.c (line 708) could cause a Denial of S ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 16 | Replies: 0
  • CVE-2021-44956
    Two Heap based buffer overflow vulnerabilities exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23852. Issues that are in the jfif_decode function at ffjpeg/src/jfif.c (line 552) could ca ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 17 | Replies: 0
  • CVE-2021-44864
    TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable to Buffer Overflow. Authenticated attackers can crash router httpd services via /userRpm/PingIframeRpm.htm request which contains redunda ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 18 | Replies: 0
  • CVE-2022-23340
    Joplin 2.6.10 allows remote attackers to execute system commands through malicious code in user search results.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 20 | Replies: 0
  • CVE-2022-23331
    In DataEase v1.6.1, an authenticated user can gain unauthorized access to all user information and can change the administrator password.
    Author: 菜鸟教程小白 | Time: 2022-6-23 08:27 | Views: 18 | Replies: 0
