漏洞 - 第41页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2022-22034

Windows Graphics Component Elevation of Privilege Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：684 | 回复：0
CVE漏洞

CVE-2022-22031

Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：600 | 回复：0
CVE漏洞

CVE-2022-22029

Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22039.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：737 | 回复：0
CVE漏洞

CVE-2022-22028

Windows Network File System Information Disclosure Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：779 | 回复：0
CVE漏洞

CVE-2022-22027

Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22024.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：1013 | 回复：0
CVE漏洞

CVE-2022-22026

Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22047, CVE-2022-22049.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：642 | 回复：0
CVE漏洞

CVE-2022-22025

Windows Internet Information Services Cachuri Module Denial of Service Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：1351 | 回复：0
CVE漏洞

CVE-2022-22024

Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22027.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：1540 | 回复：0
CVE漏洞

CVE-2022-22023

Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：670 | 回复：0
CVE漏洞

CVE-2022-22022

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22041, CVE-2022-30206, CVE-2022-30226.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：617 | 回复：0
CVE漏洞

CVE-2022-21845

Windows Kernel Information Disclosure Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：670 | 回复：0
CVE漏洞

CVE-2022-35403

Zoho ManageEngine ServiceDesk Plus before 13008, ServiceDesk Plus MSP before 10606, and SupportCenter Plus before 11022 are affected by an unauthenticated local file disclosure vulnerability via ticke ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：1779 | 回复：0
CVE漏洞

CVE-2022-33155

The ameos_tarteaucitron (aka AMEOS - TarteAuCitron GDPR cookie banner and tracking management / French RGPD compatible) extension before 1.2.23 for TYPO3 allows XSS.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：1177 | 回复：0
CVE漏洞

CVE-2022-33154

The schema (aka Embedding schema.org vocabulary) extension before 1.13.1 and 2.x before 2.5.1 for TYPO3 allows XSS.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：679 | 回复：0
CVE漏洞

CVE-2022-31105

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.4.0 and prior to 2.2.11, 2.3.6, and 2.4.5 is vulnerable to an improper certificate validation ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：624 | 回复：0
CVE漏洞

CVE-2022-31102

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with 2.3.0 and prior to 2.3.6 and 2.4.5 is vulnerable to a cross-site scripting (XSS) bug which could allow a ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：670 | 回复：0
CVE漏洞

CVE-2022-29601

The seminars (aka Seminar Manager) extension through 4.1.3 for TYPO3 allows SQL Injection.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：608 | 回复：0
CVE漏洞

CVE-2022-29600

The oelib (aka One is Enough Library) extension through 4.1.5 for TYPO3 allows SQL Injection.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：924 | 回复：0
CVE漏洞

CVE-2022-35228

SAP BusinessObjects CMC allows an unauthenticated attacker to retrieve token information over the network which would otherwise be restricted. This can be achieved only when a legitimate user accesses ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：643 | 回复：0
CVE漏洞

CVE-2022-35227

A vulnerability in SAP NW EP (WPC) - versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently validate user-controlled input, allows a remote attacker to conduct a Cross-Site (XSS) scripting attac ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：612 | 回复：0
CVE漏洞

CVE-2022-35225

SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting ( ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：795 | 回复：0
CVE漏洞

CVE-2022-35224

SAP Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. This attack can b ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：688 | 回复：0
CVE漏洞

CVE-2022-35172

SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerabilit ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：1027 | 回复：0
CVE漏洞

CVE-2022-35171

When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the us ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：1107 | 回复：0
CVE漏洞

CVE-2022-35170

SAP NetWeaver Enterprise Portal does - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting ( ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：670 | 回复：0
CVE漏洞

CVE-2022-35169

SAP BusinessObjects Business Intelligence Platform (LCM) - versions 420, 430, allows an attacker with an admin privilege to read and decrypt LCMBIAR file's password under certain conditions, enabl ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：627 | 回复：0
CVE漏洞

CVE-2022-35168

Due to improper input sanitization of XML input in SAP Business One - version 10.0, an attacker can perform a denial-of-service attack rendering the system temporarily inoperative.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：594 | 回复：0
CVE漏洞

CVE-2022-32249

Under special integration scenario of SAP Business one and SAP HANA - version 10.0, an attacker can exploit HANA cockpit?s data volume to gain access to highly sensitive information (e.g., high privil ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：892 | 回复：0
CVE漏洞

CVE-2022-32248

Due to missing input validation in the Manage Checkbooks component of SAP S/4HANA - version 101, 102, 103, 104, 105, 106, an attacker could insert or edit the value of an existing field in the databas ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：576 | 回复：0
CVE漏洞

CVE-2022-32247

SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the User i ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：1508 | 回复：0
CVE漏洞

CVE-2022-32246

SAP Busines Objects Business Intelligence Platform (Visual Difference Application) - versions 420, 430, allows an authenticated attacker who has access to BI admin console to send crafted queries and ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：846 | 回复：0
CVE漏洞

CVE-2022-31655

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：705 | 回复：0
CVE漏洞

CVE-2022-31654

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：602 | 回复：0
CVE漏洞

CVE-2022-31598

Due to insufficient input validation, SAP Business Objects - version 420, allows an authenticated attacker to submit a malicious request through an allowed operation. On successful exploitation, an at ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：573 | 回复：0
CVE漏洞

CVE-2022-31597

Within SAP S/4HANA - versions S4CORE 101, 102, 103, 104, 105, 106, SAPSCORE 127, the application business partner extension for Spain/Slovakia does not perform necessary authorization checks for a low ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：629 | 回复：0
CVE漏洞

CVE-2022-31593

SAP Business One client - version 10.0 allows an attacker with low privileges, to inject code that can be executed by the application. An attacker could thereby control the behavior of the application ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：632 | 回复：0
CVE漏洞

CVE-2022-31592

The application SAP Enterprise Extension Defense Forces Public Security - versions 605, 606, 616,617,618, 802, 803, 804, 805, 806, does not perform necessary authorization checks for an authenticated ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：604 | 回复：0
CVE漏洞

CVE-2022-31591

SAP BusinessObjects BW Publisher Service - versions 420, 430, uses a search path that contains an unquoted element. A local attacker can gain elevated privileges by inserting an executable file in the ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：607 | 回复：0
CVE漏洞

CVE-2022-31134

Zulip is an open-source team collaboration tool. Zulip Server versions 2.1.0 above have a user interface tool, accessible only to server owners and server administrators, which provides a way to downl ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：631 | 回复：0
CVE漏洞

CVE-2022-31012

Git for Windows is a fork of Git that contains Windows-specific patches. This vulnerability in versions prior to 2.37.1 lets Git for Windows' installer execute a binary into `C:\mingw64\bin\git.ex ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:14 | 阅读：640 | 回复：0