• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

漏洞

RSS

下级分类:

  • CVE-2022-23563
    CVE-2022-23563
    Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses `tempfile.mktemp` to create temporary files. While this is acceptable in testing, in utilities and librarie ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:64 | 回复:0
  • CVE-2022-23562
    CVE-2022-23562
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `Range` suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large alloc ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:54 | 回复:0
  • CVE-2022-23561
    CVE-2022-23561
    Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause a write outside of bounds of an array in TFLite. In fact, the attacker can override the l ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:58 | 回复:0
  • CVE-2022-23560
    CVE-2022-23560
    Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:47 | 回复:0
  • CVE-2022-23559
    CVE-2022-23559
    Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both `embedding_size` and `lookup_siz ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:33 | 回复:0
  • CVE-2022-23558
    CVE-2022-23558
    Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in `TfLiteIntArrayCreate`. The `TfLiteIntArrayGetSizeInBytes` returns ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:33 | 回复:0
  • CVE-2022-23557
    CVE-2022-23557
    Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would trigger a division by zero in `BiasAndClamp` implementation. There is no check that the `bias_s ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:16 | 回复:0
  • CVE-2022-23379
    CVE-2022-23379
    Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid().……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:20 | 回复:0
  • CVE-2022-22987
    CVE-2022-22987
    The affected product has a hardcoded private key available inside the project folder, which may allow an attacker to achieve Web Server login and perform further actions.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:21 | 回复:0
  • CVE-2022-22939
    CVE-2022-22939
    VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access o ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:25 | 回复:0
  • CVE-2022-22804
    CVE-2022-22804
    A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could allow an authenticated attacker to view data, change settings, or ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:25 | 回复:0
  • CVE-2022-22727
    CVE-2022-22727
    A CWE-20: Improper Input Validation vulnerability exists that could allow an unauthenticated attacker to view data, change settings, impact availability of the software, or potentially impact a user?s ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:25 | 回复:0
  • CVE-2022-22726
    CVE-2022-22726
    A CWE-20: Improper Input Validation vulnerability exists that could allow arbitrary files on the server to be read by authenticated users through a limited operating system service account. Affected P ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:27 | 回复:0
  • CVE-2022-22725
    CVE-2022-22725
    A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:22 | 回复:0
  • CVE-2022-22724
    CVE-2022-22724
    A CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service on ports 80 (HTTP) and 502 (Modbus), when sending a large number of TCP RST or FIN packets to any ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:20 | 回复:0
  • CVE-2022-22723
    CVE-2022-22723
    A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:20 | 回复:0
  • CVE-2022-22722
    CVE-2022-22722
    A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information disclosure. If an attacker were to obtain the SSH cryptographic key for the device and take active contro ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:18 | 回复:0
  • CVE-2022-22689
    CVE-2022-22689
    CA Harvest Software Change Manager versions 13.0.3, 13.0.4, 14.0.0, and 14.0.1, contain a vulnerability in the CSV export functionality, due to insufficient input validation, that can allow a privileg ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:19 | 回复:0
  • CVE-2022-22150
    CVE-2022-22150
    A memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger an exception which is improperly h ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:19 | 回复:0
  • CVE-2022-0498
    CVE-2022-0498
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:17 | 回复:0
  • CVE-2022-0487
    CVE-2022-0487
    A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impa ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:17 | 回复:0
  • CVE-2022-0484
    CVE-2022-0484
    Lack of validation of URLs causes Mirantis Container Cloud Lens Extension before v3.1.1 to open external programs other than the default browser to perform sign on to a new cluster. An attacker could ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:19 | 回复:0
  • CVE-2022-0481
    CVE-2022-0481
    NULL Pointer Dereference in Homebrew mruby prior to 3.2.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:18 | 回复:0
  • CVE-2022-0472
    CVE-2022-0472
    Unrestricted Upload of File with Dangerous Type in Packagist jsdecena/laracom prior to v2.0.9.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:19 | 回复:0
  • CVE-2022-0381
    CVE-2022-0381
    The Embed Swagger WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient escaping/sanitization and validation via the url parameter found in the ~/swagger-iframe.php file ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:18 | 回复:0
  • CVE-2022-0380
    CVE-2022-0380
    The Fotobook WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient escaping and the use of $_SERVER found in the ~/options-fotobook.php file which allows attackers to in ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:19 | 回复:0
  • CVE-2022-0365
    CVE-2022-0365
    The affected product is vulnerable to an authenticated OS command injection, which may allow an attacker to inject and execute arbitrary shell commands as the Admin (root) user.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:21 | 回复:0
  • CVE-2022-0317
    CVE-2022-0317
    An improper input validation vulnerability in go-attestation before 0.3.3 allows local users to provide a maliciously-formed Quote over no/some PCRs, causing AKPublic.Verify to succeed despite the inc ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:20 | 回复:0
  • CVE-2022-0264
    CVE-2022-0264
    A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permission ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:19 | 回复:0
  • CVE-2022-0227
    CVE-2022-0227
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent acciden ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:18 | 回复:0
  • CVE-2022-0218
    CVE-2022-0218
    The WP HTML Mail WordPress plugin is vulnerable to unauthorized access which allows unauthenticated attackers to retrieve and modify theme settings due to a missing capability check on the /themesetti ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:20 | 回复:0
  • CVE-2021-4154
    CVE-2021-4154
    A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalatio ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:20 | 回复:0
  • CVE-2021-4043
    CVE-2021-4043
    NULL Pointer Dereference in GitHub repository gpac/gpac prior to 1.1.0.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:20 | 回复:0
  • CVE-2021-44779
    CVE-2021-44779
    Unauthenticated SQL Injection (SQLi) vulnerability discovered in AutoResponder WordPress plugin (versions = 2.3), vulnerable at (listid). No patched version available, plugin closed.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:19 | 回复:0
  • CVE-2021-44206
    CVE-2021-44206
    Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acr ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:27 | 回复:0
  • CVE-2021-44205
    CVE-2021-44205
    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) be ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:28 | 回复:0
  • CVE-2021-44204
    CVE-2021-44204
    Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) bef ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:53 | 回复:0
  • CVE-2021-43841
    CVE-2021-43841
    XWiki is a generic wiki platform offering runtime services for applications built on top of it. When using default XWiki configuration, it's possible for an attacker to upload an SVG containing a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:40 | 回复:0
  • CVE-2021-40420
    CVE-2021-40420
    A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger the reuse of previously freed memory, ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:33 | 回复:0
  • CVE-2021-40403
    CVE-2021-40403
    An information disclosure vulnerability exists in the pick-and-place rotation parsing functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.8.0. A specially-crafted pick-and-place ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:27 | 阅读:38 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap