Vulnerabilities

Subcategories:

  • CVE-2021-46485
    Jsish v3.5.0 was discovered to contain a SEGV vulnerability via Jsi_ValueIsNumber at src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 16 | Replies: 0
  • CVE-2021-46484
    Jsish v3.5.0 was discovered to contain a heap-use-after-free via Jsi_IncrRefCount in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 20 | Replies: 0
  • CVE-2021-46428
    A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 ( and previous versions via the bot_avatar parameter in SystemSettings.php.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 22 | Replies: 0
  • CVE-2021-46427
    An SQL Injection vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 via the message parameter in Master.php.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 23 | Replies: 0
  • CVE-2021-46377
    There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.php#viewUser
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 26 | Replies: 0
  • CVE-2021-46102
    From version 0.2.14 to 0.2.16 for Solana rBPF, function relocate in the file src/elf.rs has an integer overflow bug because the sym.st_value is read directly from ELF file without checking. If the sym ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 24 | Replies: 0
  • CVE-2021-46097
    Dolphinphp v1.5.0 contains a remote code execution vulnerability in /application/common.php#action_log
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 29 | Replies: 0
  • CVE-2021-46088
    Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Execution (RCE). Any user with the Zabbix Admin role is able to run custom shell script on the application server in the context of t ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 31 | Replies: 0
  • CVE-2021-46065
    A Cross-site scripting (XSS) vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attacker to inject arbitrary JavaScript code.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 72 | Replies: 0
  • CVE-2022-0348
    Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 41 | Replies: 0
  • CVE-2021-28096
    An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). An attacker can saturate the proxy connection table. This would result in the proxy denying any new connections.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 55 | Replies: 0
  • CVE-2022-23181
    The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 77 | Replies: 0
  • CVE-2021-44795
    Single Connect does not perform an authorization check when using the sc-assigned-credential-ui module. A remote attacker could exploit this vulnerability to modify users permissions. The exploitation ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 71 | Replies: 0
  • CVE-2021-44794
    Single Connect does not perform an authorization check when using the sc-diagnostic-ui module. A remote attacker could exploit this vulnerability to access the device information page. The exploitatio ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 89 | Replies: 0
  • CVE-2021-44793
    Single Connect does not perform an authorization check when using the sc-reports-ui module. A remote attacker could exploit this vulnerability to access the device configuration page and export the da ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 121 | Replies: 0
  • CVE-2021-44792
    Single Connect does not perform an authorization check when using the log-monitor module. A remote attacker could exploit this vulnerability to access the logging interface. The exploitation of this v ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 258 | Replies: 0
  • CVE-2021-44121
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 108 | Replies: 0
  • CVE-2022-0372
    Cross-site Scripting (XSS) - Stored in Packagist bytefury/crater prior to 6.0.2.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 62 | Replies: 0
  • CVE-2022-22828
    An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 70 | Replies: 0
  • CVE-2022-0387
    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 46 | Replies: 0
  • CVE-2022-0370
    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 60 | Replies: 0
  • CVE-2022-21723
    PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, p ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 51 | Replies: 0
  • CVE-2022-21722
    PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, th ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 39 | Replies: 0
  • CVE-2021-41166
    The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. An issue in versions prior to 3.17.1 may lead to sensitive information disclosure. An unauthorized a ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 36 | Replies: 0
  • CVE-2021-32849
    Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workaroun ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 40 | Replies: 0
  • CVE-2021-32841
    SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starting version 1.3.0 and prior to version 1.3.3, a check was added if the destination file is under destination directory. However, it ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 52 | Replies: 0
  • CVE-2022-23967
    In TightVNC 1.3.10, there is an integer signedness error and resultant heap-based buffer overflow in InitialiseRFBConnection in rfbproto.c (for the vncviewer component). There is no check on the size ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 25 | Replies: 0
  • CVE-2021-32842
    SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starting version 1.0.0 and prior to version 1.3.3, a check was added if the destination file is under a destination directory. However, ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 30 | Replies: 0
  • CVE-2021-32840
    SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry `../evil.txt` may be extracted in the parent directory of `destFolder`. This leads to arbitrary ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 36 | Replies: 0
  • CVE-2022-22852
    A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_list.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 33 | Replies: 0
  • CVE-2022-21686
    PrestaShop is an Open Source e-commerce platform. Starting with version 1.7.0.0 and ending with version 1.7.8.3, an attacker is able to inject twig code inside the back office when using the legacy la ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 37 | Replies: 0
  • CVE-2022-23993
    /usr/local/www/pkg.php in pfSense CE before 2.6.0 and pfSense Plus before 22.01 uses $_REQUEST in a PHP echo call, causing XSS.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 24 | Replies: 0
  • CVE-2022-23990
    Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 18 | Replies: 0
  • CVE-2022-22850
    A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_types.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 10 | Replies: 0
  • CVE-2021-46385
    https://gitee.com/mingSoft/MCMS MCMS =5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information (remote). The component is: net.mingsoft.mdiy.action.FormDataAction#queryData. Th ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 13 | Replies: 0
  • CVE-2021-46114
    jpress v 4.2.0 is vulnerable to RCE via io.jpress.module.product.ProductNotifyKit#doSendEmail. The admin panel provides a function through which attackers can edit the email templates and inject some ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 14 | Replies: 0
  • CVE-2022-0368
    Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 12 | Replies: 0
  • CVE-2021-46561
    controller/org.controller/org.controller.js in the CVE Services API 1.1.1 before 5c50baf3bda28133a3bc90b854765a64fb538304 allows an organizational administrator to transfer a user account to an arbitr ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 12 | Replies: 0
  • CVE-2021-29846
    IBM Security Guardium Insights 3.0 could allow an authenticated user to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 205256.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 12 | Replies: 0
  • CVE-2021-29845
    IBM Security Guardium Insights 3.0 could allow an authenticated user to perform unauthorized actions due to improper input validation. IBM X-Force ID: 205255.
    Author: 菜鸟教程小白 | Time: 2022-6-23 07:51 | Views: 12 | Replies: 0
