• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2022-34754
    CVE漏洞
    CVE-2022-34754
    A CWE-269: Improper Privilege Management vulnerability exists that could allow elevated functionality when guessing credentials. Affected Products: Acti9 PowerTag Link C (A9XELC10-A) (V1.7.5 and prior ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:1356 | 回复:0
  • CVE-2022-34753
    CVE漏洞
    CVE-2022-34753
    A CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote root exploit when the command is compromised. ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:855 | 回复:0
  • CVE-2022-32117
    CVE漏洞
    CVE-2022-32117
    Jerryscript v2.4.0 was discovered to contain a stack buffer overflow via the function jerryx_print_unhandled_exception in /util/print.c.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:675 | 回复:0
  • CVE-2022-32114
    CVE漏洞
    CVE-2022-32114
    An unrestricted file upload vulnerability in the Add New Assets function of Strapi v4.1.12 allows attackers to execute arbitrary code via a crafted file.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:791 | 回复:0
  • CVE-2022-31145
    CVE漏洞
    CVE-2022-31145
    FlyteAdmin is the control plane for Flyte responsible for managing entities and administering workflow executions. In versions 1.1.30 and prior, authenticated users using an external identity provider ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:596 | 回复:0
  • CVE-2022-32308
    CVE漏洞
    CVE-2022-32308
    Cross Site Scripting (XSS) vulnerability in uBlock Origin extension before 1.41.1 allows remote attackers to run arbitrary code via a spoofed 'MessageSender.url' to the browser renderer proces ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:840 | 回复:0
  • CVE-2020-21967
    CVE漏洞
    CVE-2020-21967
    File upload vulnerability in the Catalog feature in Prestashop 1.7.6.7 allows remote attackers to run arbitrary code via the add new file page.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:974 | 回复:0
  • CVE-2022-2380
    CVE漏洞
    CVE-2022-2380
    The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:829 | 回复:0
  • CVE-2022-22982
    CVE漏洞
    CVE-2022-22982
    The vCenter Server contains a server-side request forgery (SSRF) vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request out ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:1007 | 回复:0
  • CVE-2022-20238
    CVE漏洞
    CVE-2022-20238
    'remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area), and because the 'vma-vm_page_prot' can also be controlled by userspace, so userspace ma ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:754 | 回复:0
  • CVE-2022-20236
    CVE漏洞
    CVE-2022-20236
    A drm driver have oob problem, could cause the system crash or EOPProduct: AndroidVersions: Android SoCAndroid ID: A-233124709……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:653 | 回复:0
  • CVE-2022-20234
    CVE漏洞
    CVE-2022-20234
    In Car Settings app, the NotificationAccessConfirmationActivity is exported. In NotificationAccessConfirmationActivity, it gets both 'mComponentName' and 'pkgTitle' from user.An unpriv ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:660 | 回复:0
  • CVE-2022-20230
    CVE漏洞
    CVE-2022-20230
    In choosePrivateKeyAlias of KeyChain.java, there is a possible access to the user's certificate due to improper input validation. This could lead to local information disclosure with no additional ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:682 | 回复:0
  • CVE-2022-20229
    CVE漏洞
    CVE-2022-20229
    In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execut ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:834 | 回复:0
  • CVE-2022-20228
    CVE漏洞
    CVE-2022-20228
    In various functions of C2DmaBufAllocator.cpp, there is a possible memory corruption due to a use after free. This could lead to remote information disclosure with no additional execution privileges n ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:1024 | 回复:0
  • CVE-2022-20227
    CVE漏洞
    CVE-2022-20227
    In USB driver, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with User execution privileges needed. User interaction is not need ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:567 | 回复:0
  • CVE-2022-20226
    CVE漏洞
    CVE-2022-20226
    In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper input validation. This could lead to local escalation of privilege with User execution privileges ne ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:865 | 回复:0
  • CVE-2022-20225
    CVE漏洞
    CVE-2022-20225
    In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a sensitive identifier due to a missing permission check. This could lead to local information disclosure with no ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:564 | 回复:0
  • CVE-2022-20224
    CVE漏洞
    CVE-2022-20224
    In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additio ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:571 | 回复:0
  • CVE-2022-20223
    CVE漏洞
    CVE-2022-20223
    In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to local escalation of p ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:648 | 回复:0
  • CVE-2022-20222
    CVE漏洞
    CVE-2022-20222
    In read_attr_value of gatt_db.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User i ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:654 | 回复:0
  • CVE-2022-20221
    CVE漏洞
    CVE-2022-20221
    In avrc_ctrl_pars_vendor_cmd of avrc_pars_ct.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure over Bluetooth with no additi ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:1012 | 回复:0
  • CVE-2022-20220
    CVE漏洞
    CVE-2022-20220
    In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User i ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:909 | 回复:0
  • CVE-2022-20219
    CVE漏洞
    CVE-2022-20219
    In multiple functions of StorageManagerService.java and UserManagerService.java, there is a possible way to leave user's directories unencrypted due to a logic error in the code. This could lead t ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:636 | 回复:0
  • CVE-2022-20218
    CVE漏洞
    CVE-2022-20218
    In PermissionController, there is a possible way to get and retain permissions without user's consent due to a logic error in the code. This could lead to local escalation of privilege with no add ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:960 | 回复:0
  • CVE-2022-20217
    CVE漏洞
    CVE-2022-20217
    There is a unauthorized broadcast in the SprdContactsProvider. A third-party app could use this issue to delete Fdn contact.Product: AndroidVersions: Android SoCAndroid ID: A-232441378……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:665 | 回复:0
  • CVE-2022-20216
    CVE漏洞
    CVE-2022-20216
    android exported is used to set third-party app access permissions, and the default value of intent-filter is true. com.sprd.firewall has set exported as true.Product: AndroidVersions: Android SoCAndr ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:681 | 回复:0
  • CVE-2022-20212
    CVE漏洞
    CVE-2022-20212
    In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution priv ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:851 | 回复:0
  • CVE-2022-28888
    CVE漏洞
    CVE-2022-28888
    Spryker Commerce OS 1.4.2 allows Remote Command Execution.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:2040 | 回复:0
  • CVE-2017-20128
    CVE漏洞
    CVE-2017-20128
    A vulnerability has been found in KB Messages PHP Script 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username/password ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:604 | 回复:0
  • CVE-2017-20127
    CVE漏洞
    CVE-2017-20127
    A vulnerability was found in KB Login Authentication Script 1.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument username/password wit ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:1101 | 回复:0
  • CVE-2017-20126
    CVE漏洞
    CVE-2017-20126
    A vulnerability was found in KB Affiliate Referral Script 1.0. It has been classified as critical. This affects an unknown part of the file /index.php. The manipulation of the argument username/passwo ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:568 | 回复:0
  • CVE-2022-34358
    CVE漏洞
    CVE-2022-34358
    IBM i 7.2, 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentiall ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:530 | 回复:0
  • CVE-2022-32096
    CVE漏洞
    CVE-2022-32096
    Rhonabwy before v1.1.5 was discovered to contain a buffer overflow via the component r_jwe_aesgcm_key_unwrap. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted JWE t ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:552 | 回复:0
  • CVE-2022-32074
    CVE漏洞
    CVE-2022-32074
    A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to exe ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:891 | 回复:0
  • CVE-2022-32073
    CVE漏洞
    CVE-2022-32073
    WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSH_SFTP_RecvRMDIR.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:564 | 回复:0
  • CVE-2022-32065
    CVE漏洞
    CVE-2022-32065
    An arbitrary file upload vulnerability in the background management module of RuoYi v4.7.3 and below allows attackers to execute arbitrary code via a crafted HTML file.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:763 | 回复:0
  • CVE-2022-32274
    CVE漏洞
    CVE-2022-32274
    The Transition Scheduler add-on 6.5.0 for Atlassian Jira is prone to stored XSS via the project name to the creation function.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:554 | 回复:0
  • CVE-2020-35259
    CVE漏洞
    CVE-2020-35259
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:528 | 回复:0
  • CVE-2021-27294
    CVE漏洞
    CVE-2021-27294
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:15 | 阅读:705 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap