漏洞 - 第468页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-44031

An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles/profileitems/outlooksettings/Insertimage.aspx contains a vulnerability that could allow pre-authentication ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-44030

Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from reaching the jQuery.htmlPrefilter method of jQuery.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-44029

An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code through a deserialization exploitation in the RadAsyncUpload function of ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-44028

XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an attacker, a related issue to CVE-2018-1285.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-43851

Anuko Time Tracker is an open source, web-based time tracking application written in PHP. SQL injection vulnerability exist in multiple files in Time Tracker version 1.19.33.5606 and prior due to not ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-44927

A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_sg_vrml_mf_append function, which causes a segmentation fault and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-44926

A null pointer dereference vulnerability exists in gpac 1.1.0-DEV in the gf_node_get_tag function, which causes a segmentation fault and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-44925

A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_svg_get_attribute_name function, which causes a segmentation fault and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-44924

An infinite loop vulnerability exists in gpac 1.1.0 in the gf_log function, which causes a Denial of Service.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-44923

A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_dump_vrml_dyn_field.isra function, which causes a segmentation fault and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-44922

A null pointer dereference vulnerability exists in gpac 1.1.0 in the BD_CheckSFTimeOffset function, which causes a segmentation fault and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-44921

A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_isom_parse_movie_boxes_internal function, which causes a segmentation fault and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-44920

An invalid memory address dereference vulnerability exists in gpac 1.1.0 in the dump_od_to_saf.isra function, which causes a segmentation fault and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-44919

A Null Pointer Dereference vulnerability exists in the gf_sg_vrml_mf_alloc function in gpac 1.1.0-DEV, which causes a segmentation fault and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-44918

A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in the gf_node_get_field function, which can cause a segmentation fault and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-44917

A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d function in graph3d.c, which could cause a Arithmetic exception and application crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-45297

An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-44860

An out-of-bounds read vulnerability exists when reading a TIF file using Open Design Alliance Drawings SDK before 2022.12. The specific issue exists after loading TIF files. An unchecked input data fr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-44859

An out-of-bounds read vulnerability exists when reading a TGA file using Open Design Alliance Drawings SDK before 2022.12. The specific issue exists after loading TGA files. An unchecked input data fr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-44423

An out-of-bounds read vulnerability exists when reading a BMP file using Open Design Alliance (ODA) Drawings Explorer before 2022.12. The specific issue exists after loading BMP files. Unchecked input ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-44422

An Improper Input Validation Vulnerability exists when reading a BMP file using Open Design Alliance Drawings SDK before 2022.12. Crafted data in a BMP file can trigger a write operation past the end ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-38966

IBM Cloud Pak for Automation 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pot ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-38900

IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 could allow a privileged user to obtain highly sensitive information due to improper access cont ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-38893

IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrar ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-45293

A Denial of Service vulnerability exists in Binaryen 103 due to an Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-45292

The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-45291

The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-45290

A Denial of Service vulnerability exits in Binaryen 103 due to an assertion abort in wasm::handle_unreachable.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-45289

A vulnerability exists in GPAC 1.0.1 due to an omission of security-relevant Information, which could cause a Denial of Service. The program terminates with signal SIGKILL.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-44207

Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-27453

Mesa Labs AmegaView Versions 3.0 uses default cookies that could be set to bypass authentication to the web application, which may allow an attacker to gain access.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-27451

Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generated by an easily reversible algorithm, which may allow an attacker to gain access to the device.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-27449

Mesa Labs AmegaView Versions 3.0 and prior has a command injection vulnerability that can be exploited to execute commands in the web server.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-27447

Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker to remotely execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-27445

Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited to escalate privileges on the device.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：11 | 回复：0
CVE漏洞

CVE-2020-19770

A cross-site scripting (XSS) vulnerability in the system bulletin component of WUZHI CMS v4.1.0 allows attackers to steal the admin's cookie.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-45288

A Double Free vulnerability exists in filedump.c in GPAC 1.0.1, which could cause a Denail of Service via a crafted file in the MP4Box command.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-44877

Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect Access Control. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-44876

Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumeration. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-pr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-44875

Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumeration. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-pr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:43 | 阅读：9 | 回复：0