漏洞 - 第467页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-21880

A directory traversal vulnerability exists in the Web Manager FsCopyFile functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to local file inclusion. An at ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-21879

A directory traversal vulnerability exists in the Web Manager File Upload functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary file overwrite. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-21878

A local file inclusion vulnerability exists in the Web Manager Applications and FsBrowse functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted series of HTTP requests can lead to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-21877

Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests. An attacker can make authenticated HTTP requests to trigger this vulnerability.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-21876

Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests. An attacker can make authenticated HTTP requests to trigger this vulnerability.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-21875

A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-21874

A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-21873

A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-21872

An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary co ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-45267

An invalid memory address dereference vulnerability exists in gpac 1.1.0 via the svg_node_start function, which causes a segmentation fault and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-45266

A null pointer dereference vulnerability exists in gpac 1.1.0 via the lsr_read_anim_values_ex function, which causes a segmentation fault and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-45263

An invalid free vulnerability exists in gpac 1.1.0 via the gf_svg_delete_attribute_value function, which causes a segmentation fault and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-45262

An invalid free vulnerability exists in gpac 1.1.0 via the gf_sg_command_del function, which causes a segmentation fault and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-45261

An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-45260

A null pointer dereference vulnerability exists in gpac 1.1.0 in the lsr_read_id.part function, which causes a segmentation fault and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-44659

Adding a new pipeline in GoCD server version 21.3.0 has a functionality that could be abused to do an un-intended action in order to achieve a Server Side Request Forgery (SSRF)……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-43804

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the inc ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-43631

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointment_no parameter in payment.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-43630

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in add_patient.php. As a result, an authenticated malicious user can compromise the databases syste ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-43629

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in admin_home.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-43628

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-43158

In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a remote attacker to remove any product in the customer's cart.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-43157

Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-43156

In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admin_delete.php allows a remote attacker to delete any book.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-43155

Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the bookisbn parameter in cart.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-37706

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the inc ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-4114

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-4113

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-45419

Certain Starcharge products are affected by Improper Input Validation. The affected products include: Nova 360 Cabinet = 1.3.0.0.7b102 - Fixed: Beta1.3.0.1.0 and Titan 180 Premium = 1.3.0.0.6 - Fixed: ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-45259

An Invalid pointer reference vulnerability exists in gpac 1.1.0 via the gf_svg_node_del function, which causes a segmentation fault and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-45258

A stack overflow vulnerability exists in gpac 1.1.0 via the gf_bifs_dec_proto_list function, which causes a segmentation fault and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-45257

An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-45256

A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via asm/preproc.c.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-44733

A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a sh ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-39013

IBM Cloud Pak for Security (CP4S) 1.7.2.0, 1.7.1.0, and 1.7.0.0 could allow an authenticated user to obtain sensitive information in HTTP responses that could be used in further attacks against the sy ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-45418

Certain Starcharge products are vulnerable to Directory Traversal via main.cgi. The affected products include: Nova 360 Cabinet =1.3.0.0.6 - Fixed: 1.3.0.0.9 and Titan 180 Premium =1.3.0.0.7b102 - Fix ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-36750

ENC DataVault before 7.2 and VaultAPI v67 mishandle key derivation, making it easier for attackers to determine the passwords of all DataVault users (across USB drives sold under multiple brand names) ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-40612

An issue was discovered in Opmantek Open-AudIT after 3.5.0. Without authentication, a vulnerability in code_igniter/application/controllers/util.php allows an attacker perform command execution withou ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-40836

A vulnerability affecting F-Secure antivirus engine was discovered whereby scanning MS outlook .pst files can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A s ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-45459

lib/cmd.js in the node-windows package before 1.0.0-beta.6 for Node.js allows command injection via the PID parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：26 | 回复：0