• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

漏洞

RSS

下级分类:

  • CVE-2022-0509
    CVE-2022-0509
    Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.3.1.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:17 | 回复:0
  • CVE-2022-22146
    CVE-2022-22146
    Cross-site scripting vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2022-22142
    CVE-2022-22142
    Reflected cross-site scripting vulnerability in the checkbox of php_mailform versions prior to Version 1.40 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vecto ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:17 | 回复:0
  • CVE-2022-21805
    CVE-2022-21805
    Reflected cross-site scripting vulnerability in the attached file name of php_mailform versions prior to Version 1.40 allows a remote unauthenticated attacker to inject an arbitrary script via unspeci ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:17 | 回复:0
  • CVE-2022-21799
    CVE-2022-21799
    Cross-site scripting vulnerability in ELECOM LAN router WRC-300FEBK-R firmware v1.13 and earlier allows an attacker on the adjacent network to inject an arbitrary script via unspecified vectors.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:17 | 回复:0
  • CVE-2022-21241
    CVE-2022-21241
    Cross-site scripting vulnerability in CSV+ prior to 0.8.1 allows a remote unauthenticated attacker to inject an arbitrary script or an arbitrary OS command via a specially crafted CSV file that contai ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:18 | 回复:0
  • CVE-2022-21193
    CVE-2022-21193
    Directory traversal vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to obtain an arbitrary file on the server via unspecified vectors.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2022-21173
    CVE-2022-21173
    Hidden functionality vulnerability in ELECOM LAN routers (WRH-300BK3 firmware v1.05 and earlier, WRH-300WH3 firmware v1.05 and earlier, WRH-300BK3-S firmware v1.05 and earlier, WRH-300DR3-S firmware v ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:21 | 回复:0
  • CVE-2022-0508
    CVE-2022-0508
    Server-Side Request Forgery (SSRF) in GitHub repository chocobozzz/peertube prior to f33e515991a32885622b217bf2ed1d1b0d9d6832……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:20 | 回复:0
  • CVE-2021-20877
    CVE-2021-20877
    Cross-site scripting vulnerability in Canon laser printers and small office multifunctional printers (LBP162L/LBP162, MF4890dw, MF269dw/MF265dw/MF264dw/MF262dw, MF249dw/MF245dw/MF244dw/MF242dw/MF232w, ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:20 | 回复:0
  • CVE-2022-0506
    CVE-2022-0506
    Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:16 | 回复:0
  • CVE-2022-0505
    CVE-2022-0505
    Cross-Site Request Forgery (CSRF) in Packagist microweber/microweber prior to 1.2.11.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:17 | 回复:0
  • CVE-2022-0504
    CVE-2022-0504
    Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:16 | 回复:0
  • CVE-2022-24450
    CVE-2022-24450
    NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the dynamically provisioned sandbox accounts feature.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2022-23624
    CVE-2022-23624
    Frourio-express is a minimal full stack framework, for TypeScript. Frourio-express users who uses frourio-express version prior to v0.26.0 and integration with class-validator through `validators/` fo ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2022-23623
    CVE-2022-23623
    Frourio is a full stack framework, for TypeScript. Frourio users who uses frourio version prior to v0.26.0 and integration with class-validator through `validators/` folder are subject to a input vali ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2022-23613
    CVE-2022-23613
    xrdp is an open source remote desktop protocol (RDP) server. In affected versions an integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker which is able ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2022-21712
    CVE-2022-21712
    twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in t ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2021-45281
    CVE-2021-45281
    QuickBox Pro v2.4.8 contains a cross-site scripting (XSS) vulnerability at adminuseredit.php?usertoedit=XSS, as the user supplied input for the value of this parameter is not properly sanitized.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2021-3861
    CVE-2021-3861
    The RNDIS USB device class includes a buffer overflow vulnerability. Zephyr versions = v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-r ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2021-3835
    CVE-2021-3835
    Buffer overflow in usb device class. Zephyr versions = v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/G ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2022-21816
    CVE-2022-21816
    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a user in the guest OS can cause a GPU interrupt storm on the hypervisor host, leading to a denial of servic ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2022-21815
    CVE-2022-21815
    NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mo ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2022-21814
    CVE-2022-21814
    NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limite ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:14 | 回复:0
  • CVE-2022-21813
    CVE-2022-21813
    NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:13 | 回复:0
  • CVE-2022-22931
    CVE-2022-22931
    Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:17 | 回复:0
  • CVE-2021-42833
    CVE-2021-42833
    A Use of Hardcoded Credentials vulnerability exists in AquaView versions 1.60, 7.x, and 8.x that could allow an authenticated local attacker to manipulate users and system settings.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2022-23263
    CVE-2022-23263
    Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23262.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2022-23262
    CVE-2022-23262
    Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23263.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2022-23261
    CVE-2022-23261
    Microsoft Edge (Chromium-based) Tampering Vulnerability.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:16 | 回复:0
  • CVE-2022-0149
    CVE-2022-0149
    The WooCommerce Stored Exporter WordPress plugin before 2.7.1 was affected by a Reflected Cross-Site Scripting (XSS) vulnerability in the woo_ce admin page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:15 | 回复:0
  • CVE-2022-0148
    CVE-2022-0148
    The All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs WordPress plugin before 2.0.4 was vulnerable to reflected XSS on the my-sticky-elements-leads admin page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:16 | 回复:0
  • CVE-2021-25114
    CVE-2021-25114
    The Paid Memberships Pro WordPress plugin before 2.6.7 does not escape the discount_code in one of its REST route (available to unauthenticated users) before using it in a SQL statement, leading to a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:16 | 回复:0
  • CVE-2021-25108
    CVE-2021-25108
    The IP2Location Country Blocker WordPress plugin before 2.26.6 does not have CSRF check in the ip2location_country_blocker_save_rules AJAX action, allowing attackers to make a logged in admin block ar ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:18 | 回复:0
  • CVE-2021-25106
    CVE-2021-25106
    The Privacy Policy Generator, Terms Conditions Generator WordPress Plugin : WPLegalPages WordPress plugin before 2.7.1 does not check for authorisation and has a flawed CSRF logic when saving its set ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:18 | 回复:0
  • CVE-2021-25105
    CVE-2021-25105
    The Ivory Search WordPress plugin before 5.4.1 does not escape some of the Form settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html c ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:19 | 回复:0
  • CVE-2021-25103
    CVE-2021-25103
    The Translate WordPress with GTranslate WordPress plugin before 2.9.7 does not sanitise and escape the body parameter in the url_addon/gtranslate-email.php file before outputting it back in the page, ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:18 | 回复:0
  • CVE-2021-25096
    CVE-2021-25096
    The IP2Location Country Blocker WordPress plugin before 2.26.5 bans can be bypassed by using a specific parameter in the URL……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:25 | 回复:0
  • CVE-2021-25095
    CVE-2021-25095
    The IP2Location Country Blocker WordPress plugin before 2.26.5 does not have authorisation and CSRF checks in the ip2location_country_blocker_save_rules AJAX action, allowing any authenticated users, ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:24 | 回复:0
  • CVE-2021-25084
    CVE-2021-25084
    The Advanced Cron Manager WordPress plugin before 2.4.2 and Advanced Cron Manager Pro WordPress plugin before 2.5.3 do not have authorisation checks in some of their AJAX actions, allowing any authent ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:26 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap