• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

漏洞

RSS

下级分类:

  • CVE-2021-40337
    CVE-2021-40337
    Cross-site Scripting (XSS) vulnerability in Hitachi Energy LinkOne allows an attacker that manages to exploit the vulnerability can take advantage to exploit multiple web attacks and stole sensitive i ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:15 | 回复:0
  • CVE-2021-40167
    CVE-2021-40167
    A malicious crafted dwf file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vul ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:16 | 回复:0
  • CVE-2021-40159
    CVE-2021-40159
    An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 may lead to code execution through maliciously crafted JT files.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:16 | 回复:0
  • CVE-2021-40158
    CVE-2021-40158
    A maliciously crafted JT file in Autodesk Inventor 2022, 2021, 2020, 2019 may be forced to read beyond allocated boundaries when parsing the JT file. This vulnerability can be exploited to execute arb ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:16 | 回复:0
  • CVE-2021-38129
    CVE-2021-38129
    Escalation of privileges vulnerability in Micro Focus in Micro Focus Operations Agent, affecting versions 12.x up to and including 12.21. The vulnerability could be exploited by a non-privileged local ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:16 | 回复:0
  • CVE-2022-0351
    CVE-2022-0351
    Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:17 | 回复:0
  • CVE-2021-39031
    CVE-2021-39031
    IBM WebSphere Application Server - Liberty 17.0.0.3 through 22.0.0.1 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could e ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:16 | 回复:0
  • CVE-2021-46087
    CVE-2021-46087
    In jfinal_cms = 5.1 0, there is a storage XSS vulnerability in the background system of CMS. Because developers do not filter the parameters submitted by the user input form, any user with background ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:14 | 回复:0
  • CVE-2021-46086
    CVE-2021-46086
    xzs-mysql = t3.4.0 is vulnerable to Insecure Permissions. The front end of this open source system is an online examination system. There is an unsafe vulnerability in the functional method of submitt ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:15 | 回复:0
  • CVE-2021-46085
    CVE-2021-46085
    OneBlog = 2.2.8 is vulnerable to Insecure Permissions. Low level administrators can delete high-level administrators beyond their authority.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:14 | 回复:0
  • CVE-2021-46084
    CVE-2021-46084
    uscat, as of 2021-12-28, is vulnerable to Cross Site Scripting (XSS) via close registration information input box.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:11 | 回复:0
  • CVE-2021-46083
    CVE-2021-46083
    uscat, as of 2021-12-28, is vulnerable to Cross Site Scripting (XSS) via the input box of the statistical code.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:11 | 回复:0
  • CVE-2021-46034
    CVE-2021-46034
    A problem was found in ForestBlog, as of 2021-12-29, there is a XSS vulnerability that can be injected through the nickname input box.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:11 | 回复:0
  • CVE-2021-43863
    CVE-2021-43863
    The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. The Nextcloud Android app uses content providers to manage its data. Prior to version 3.18.1, the pr ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:13 | 回复:0
  • CVE-2021-34870
    CVE-2021-34870
    This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 1.0.0.52_1.0.38 routers. Authentication is not required to exploit th ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:12 | 回复:0
  • CVE-2021-34869
    CVE-2021-34869
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code o ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:12 | 回复:0
  • CVE-2021-34868
    CVE-2021-34868
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code o ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:11 | 回复:0
  • CVE-2021-34867
    CVE-2021-34867
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute high-privileged code ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:12 | 回复:0
  • CVE-2021-34866
    CVE-2021-34866
    This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the tar ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:10 | 回复:0
  • CVE-2021-34865
    CVE-2021-34865
    This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The s ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:51 | 阅读:12 | 回复:0
  • CVE-2021-46089
    CVE-2021-46089
    In JeecgBoot 3.0, there is a SQL injection vulnerability that can operate the database with root privileges.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:11 | 回复:0
  • CVE-2021-46033
    CVE-2021-46033
    In ForestBlog, as of 2021-12-28, File upload can bypass verification.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:10 | 回复:0
  • CVE-2021-3850
    CVE-2021-3850
    Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:9 | 回复:0
  • CVE-2022-23035
    CVE-2022-23035
    Insufficient cleanup of passed-through device IRQs The management of IRQs associated with physical devices exposed to x86 HVM guests involves an iterative operation in particular when cleaning up afte ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:8 | 回复:0
  • CVE-2022-23034
    CVE-2022-23034
    A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled. PV guests can requ ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:7 | 回复:0
  • CVE-2022-23033
    CVE-2022-23033
    arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm (p2m_remove_mapping, guest_physmap_remove_page, and p2m_set_e ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:8 | 回复:0
  • CVE-2022-21697
    CVE-2022-21697
    Jupyter Server Proxy is a Jupyter notebook server extension to proxy web services. Versions of Jupyter Server Proxy prior to 3.2.1 are vulnerable to Server-Side Request Forgery (SSRF). Any user deploy ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:8 | 回复:0
  • CVE-2021-45847
    CVE-2021-45847
    Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each allow an attacker to cause an application crash using a crafted 3MF input file.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:6 | 回复:0
  • CVE-2021-45846
    CVE-2021-45846
    A flaw in the AMF parser of Slic3r libslic3r 1.3.0 allows an attacker to cause an application crash using a crafted AMF document, where a metadata tag lacks a type attribute.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:8 | 回复:0
  • CVE-2022-23945
    CVE-2022-23945
    Missing authentication on ShenYu Admin when register by HTTP. This issue affected Apache ShenYu 2.4.0 and 2.4.1.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:8 | 回复:0
  • CVE-2022-23944
    CVE-2022-23944
    User can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:9 | 回复:0
  • CVE-2022-23223
    CVE-2022-23223
    The HTTP response will disclose the user password. This issue affected Apache ShenYu 2.4.0 and 2.4.1.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:11 | 回复:0
  • CVE-2021-46113
    CVE-2021-46113
    In MartDevelopers KEA-Hotel-ERP open source as of 12-31-2021, a remote code execution vulnerability can be exploited by uploading PHP files using the file upload vulnerability in this service.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:13 | 回复:0
  • CVE-2021-45845
    CVE-2021-45845
    The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:12 | 回复:0
  • CVE-2021-45844
    CVE-2021-45844
    Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:13 | 回复:0
  • CVE-2021-45803
    CVE-2021-45803
    MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because this view parameter value is added to the SQL query without additional verification when viewing reservation.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:15 | 回复:0
  • CVE-2021-45802
    CVE-2021-45802
    MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because the email and phone parameter values are added to the SQL query without any verification at the time of membe ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:14 | 回复:0
  • CVE-2021-45343
    CVE-2021-45343
    In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:13 | 回复:0
  • CVE-2021-45342
    CVE-2021-45342
    A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:18 | 回复:0
  • CVE-2021-45029
    CVE-2021-45029
    Groovy Code Injection SpEL Injection which lead to Remote Code Execution. This issue affected Apache ShenYu 2.4.0 and 2.4.1.……
    作者:菜鸟教程小白 | 时间:2022-6-23 07:48 | 阅读:17 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap