• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

漏洞

RSS

下级分类:

  • CVE-2021-29838
    CVE-2021-29838
    IBM Security Guardium Insights 3.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit thi ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:12 | 回复:0
  • CVE-2021-46386
    CVE-2021-46386
    https://gitee.com/mingSoft/MCMS MCMS =5.2.5 is affected by: File Upload. The impact is: execute arbitrary code (remote). The component is: net.mingsoft.basic.action.web.FileAction#upload. The attack v ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:14 | 回复:0
  • CVE-2021-46383
    CVE-2021-46383
    https://gitee.com/mingSoft/MCMS MCMS =5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information (remote). The component is: net.mingsoft.mdiy.action.web.DictAction#list. The att ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:13 | 回复:0
  • CVE-2021-46118
    CVE-2021-46118
    jpress 4.2.0 is vulnerable to remote code execution via io.jpress.module.article.kit.ArticleNotifyKit#doSendEmail. The admin panel provides a function through which attackers can edit the email templa ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:12 | 回复:0
  • CVE-2021-46116
    CVE-2021-46116
    jpress 4.2.0 is vulnerable to remote code execution via io.jpress.web.admin._TemplateController#doInstall. The admin panel provides a function through which attackers can install templates and inject ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:13 | 回复:0
  • CVE-2021-46115
    CVE-2021-46115
    jpress 4.2.0 is vulnerable to RCE via io.jpress.web.admin._TemplateController#doUploadFile. The admin panel provides a function through which attackers can upload templates and inject some malicious c ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:12 | 回复:0
  • CVE-2022-22851
    CVE-2022-22851
    A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:13 | 回复:0
  • CVE-2022-0379
    CVE-2022-0379
    Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:14 | 回复:0
  • CVE-2022-0378
    CVE-2022-0378
    Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:15 | 回复:0
  • CVE-2021-46117
    CVE-2021-46117
    jpress 4.2.0 is vulnerable to remote code execution via io.jpress.module.page.PageNotifyKit#doSendEmail. The admin panel provides a function through which attackers can edit the email templates and in ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:13 | 回复:0
  • CVE-2021-44692
    CVE-2021-44692
    BuddyBoss Platform through 1.8.0 allows remote attackers to obtain the email address of each user. When creating a new user, it generates a Unique ID for their profile. This UID is their private email ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:15 | 回复:0
  • CVE-2021-43334
    CVE-2021-43334
    BuddyBoss Platform through 1.8.0 allows XSS via the Group Name or Group Description field.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:13 | 回复:0
  • CVE-2021-45975
    CVE-2021-45975
    In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading mechanism of Windows DLLs could allow a local attacker to perform a DLL hijacking attack. This vulnerability i ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:13 | 回复:0
  • CVE-2021-22600
    CVE-2021-22600
    A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past th ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:16 | 回复:0
  • CVE-2021-22570
    CVE-2021-22570
    Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting erro ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:15 | 回复:0
  • CVE-2022-0362
    CVE-2022-0362
    SQL Injection in Packagist showdoc/showdoc prior to 2.10.3.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:18 | 回复:0
  • CVE-2022-0361
    CVE-2022-0361
    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:18 | 回复:0
  • CVE-2022-0203
    CVE-2022-0203
    Improper Access Control in GitHub repository crater-invoice/crater prior to 6.0.2.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:16 | 回复:0
  • CVE-2022-0359
    CVE-2022-0359
    Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:32 | 回复:0
  • CVE-2021-44123
    CVE-2021-44123
    SPIP 4.0.0 is affected by a remote command execution vulnerability. To exploit the vulnerability, an attacker must craft a malicious picture with a double extension, upload it and then click on it to ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:28 | 回复:0
  • CVE-2021-44122
    CVE-2021-44122
    SPIP 4.0.0 is affected by a Cross Site Request Forgery (CSRF) vulnerability in ecrire/public/aiguiller.php, ecrire/public/balises.php, ecrire/balise/formulaire_.php. To exploit the vulnerability, a vi ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:31 | 回复:0
  • CVE-2021-44120
    CVE-2021-44120
    SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability in ecrire/public/interfaces.php, adding the function safehtml to the vulnerable fields. An editor is able to modify his personal in ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:51 | 回复:0
  • CVE-2021-44118
    CVE-2021-44118
    SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability. To exploit the vulnerability, a visitor must browse to a malicious SVG file. The vulnerability allows an authenticated attacker to ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:62 | 回复:0
  • CVE-2022-22932
    CVE-2022-22932
    Apache Karaf obr:* commands and run goal on the karaf-maven-plugin have partial path traversal which allows to break out of expected folder. The risk is low as obr:* commands are not very used and the ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:59 | 回复:0
  • CVE-2022-0251
    CVE-2022-0251
    Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.2.10.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:54 | 回复:0
  • CVE-2021-41766
    CVE-2021-41766
    Apache Karaf allows monitoring of applications and the Java runtime by using the Java Management Extensions (JMX). JMX is a Java RMI based technology that relies on Java serialized objects for client ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:69 | 回复:0
  • CVE-2022-0375
    CVE-2022-0375
    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:96 | 回复:0
  • CVE-2022-0374
    CVE-2022-0374
    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:46 | 回复:0
  • CVE-2022-21944
    CVE-2022-21944
    A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local attackers to escalate to root. This issue affects ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:41 | 回复:0
  • CVE-2022-23968
    CVE-2022-23968
    Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers to brick the device via a crafted TIFF file in an unauthenticated HTTP POST request. There is a perman ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:52 | 回复:0
  • CVE-2019-25056
    CVE-2019-25056
    In Bromite through 78.0.3904.130, there are adblock rules in the release APK; therefore, probing which resources are blocked and which aren't can identify the application version and defeat the Us ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:42 | 回复:0
  • CVE-2022-0355
    CVE-2022-0355
    Exposure of Sensitive Information to an Unauthorized Actor in NPM simple-get prior to 4.0.1.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:30 | 回复:0
  • CVE-2021-46560
    CVE-2021-46560
    The firmware on Moxa TN-5900 devices through 3.1 allows command injection that could lead to device damage.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:29 | 回复:0
  • CVE-2021-46559
    CVE-2021-46559
    The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to defeat an inspection mechanism for integrity protection.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:26 | 回复:0
  • CVE-2022-23959
    CVE-2022-23959
    In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can o ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:25 | 回复:0
  • CVE-2021-36348
    CVE-2021-36348
    iDRAC9 versions prior to 5.00.20.00 contain an input injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:18 | 回复:0
  • CVE-2021-36347
    CVE-2021-36347
    iDRAC9 versions prior to 5.00.20.00 and iDRAC8 versions prior to 2.82.82.82 contain a stack-based buffer overflow vulnerability. An authenticated remote attacker with high privileges could potentially ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:19 | 回复:0
  • CVE-2021-36346
    CVE-2021-36346
    Dell iDRAC 8 prior to version 2.82.82.82 contain a denial of service vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to deny access to the iDRAC webserve ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:22 | 回复:0
  • CVE-2021-36296
    CVE-2021-36296
    Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. A remote malicious user with privileges may exploit this vulnerability to execute c ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:19 | 回复:0
  • CVE-2021-36295
    CVE-2021-36295
    Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. A remote malicious user with privileges may exploit this vulnerability to execute c ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:15 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap