漏洞 - 第381页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-46044

A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1via ShiftMetaOffset.isra, which causes a Denial of Service (context-dependent).……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-46043

A Pointer Dereference Vulnerability exits in GPAC 1.0.1 in the gf_list_count function, which causes a Denial of Service.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-42841

Insta HMS before 12.4.10 is vulnerable to XSS because of improper validation of user-supplied input by multiple scripts. A remote attacker could exploit this vulnerability via a crafted URL to execute ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-46042

A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the _fseeko function, which causes a Denial of Service.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-46041

A Segmentation Fault Vulnerability exists in GPAC 1.0.1 via the co64_box_new function, which causes a Denial of Service.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-46040

A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the finplace_shift_moov_meta_offsets function, which causes a Denial of Servie (context-dependent).……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-46039

A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the shift_chunk_offsets.part function, which causes a Denial of Service (context-dependent).……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-4194

bookstack is vulnerable to Improper Access Control……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-43045

A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avr ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-28715

Guest can force Linux netback driver to hog large amounts of kernel memory T Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-28714

Guest can force Linux netback driver to hog large amounts of kernel memory T Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：9 | 回复：0
CVE漏洞

CVE-2022-0128

vim is vulnerable to Out-of-bounds Read……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-46079

An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-46078

An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerab ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-46075

A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-46074

A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-46073

A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-46072

A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-46071

A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-46070

A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-46069

A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-46068

A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-46067

In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-45745

A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in login panel.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-45744

A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in login panel.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-46080

A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-46076

Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-44591

In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check that would lead to denial-of-service attacks via a crafted SWF file.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-44590

In libming 0.4.8, a memory exhaustion vulnerability exist in the function cws2fws in util/main.c. Remote attackers could launch denial of service attacks by submitting a crafted SWF file that exploits ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-45458

Apache Kylin provides encryption classes PasswordPlaceholderConfigurer to help users encrypt their passwords. In the encryption algorithm used by this encryption class, the cipher is initialized with ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-45457

In Apache Kylin, Cross-origin requests with credentials are allowed to be sent from any origin. This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and pri ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-45456

Apache kylin checks the legitimacy of the project before executing some commands with the project name passed in by the user. There is a mismatch between what is being checked and what is being used a ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-44878

If an OpenID Connect provider supports the none algorithm (i.e., tokens with no signature), pac4j v5.3.0 (and prior) does not refuse it without an explicit configuration on its side or for the idtoken ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-44584

Cross-site scripting (XSS) vulnerability in index.php in emlog version = pro-1.0.7 allows remote attackers to inject arbitrary web script or HTML via the s parameter.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-36774

Apache Kylin allows users to read data from other database systems using JDBC. The MySQL JDBC driver supports certain properties, which, if left unmitigated, can allow an attacker to execute arbitrary ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-31522

Kylin can receive user input and load any class through Class.forName(...). This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and prior versions; Apache ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：40 | 回复：0
CVE漏洞

CVE-2021-27738

All request mappings in `StreamingCoordinatorController.java` handling `/kylin/api/streaming_coordinator/*` REST API endpoints did not include any security checks, which allowed an unauthenticated use ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-44564

A security vulnerability originally reported in the SYNC2101 product, and applicable to specific sub-families of SYNC devices, allows an attacker to download the configuration file used in the device ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-44351

An arbitrary file read vulnerability exists in NavigateCMS 2.9 via /navigate/navigate_download.php id parameter.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-36739

The first name and last name fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting (XSS) attacks.……

作者：菜鸟教程小白 | 时间：2022-6-22 21:59 | 阅读：34 | 回复：0