漏洞 - 第511页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2020-16154

The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-43983

WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-40008

There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-40007

There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650. The vulnerability is caused by improper log output management. An attacker with the ability to access the log file of device ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-39945

Improper access control in the GitLab CE/EE API affecting all versions starting from 9.4 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, al ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-39944

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A pe ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-39941

An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restric ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-39940

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. GitL ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-39939

An uncontrolled resource consumption vulnerability in GitLab Runner affecting all versions starting from 13.7 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 1 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-39938

A vulnerable regular expression pattern in GitLab CE/EE since version 8.15 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attack ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-39937

A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, leads to potential ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-39936

Improper access control in GitLab CE/EE affecting all versions starting from 10.7 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-39935

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Unau ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-39934

Improper access control allows any project member to retrieve the service desk email address in GitLab CE/EE versions starting 12.10 before 14.3.6, all versions starting from 14.4 before 14.4.4, all v ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-39933

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A r ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-39932

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Usin ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-39931

An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.11 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Unde ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-39930

Missing authorization in GitLab EE versions between 12.4 and 14.3.6, between 14.4.0 and 14.4.4, and between 14.5.0 and 14.5.2 allowed an attacker to access a user's custom project and group templa ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-39919

In all versions of GitLab CE/EE starting version 14.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, the reset password token and new user ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-39918

Incorrect Authorization in GitLab EE affecting all versions starting from 11.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows a use ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-39917

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A re ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-39916

Lack of an access control check in the External Status Check feature allowed any authenticated user to retrieve the configuration of any External Status Check in GitLab EE starting from 14.1 before 14 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-39915

Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from 13.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 befor ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-39910

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. GitL ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-22279

A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected Se ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-44966

SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.2 via index.php. An attacker can log in as an admin account of this system and can destroy, change o ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-44965

Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record Management System 1.2 The attacker can retrieve and download sensitive information from the vulnerable s ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-36169

A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows attacker to Execute unauthorized code or commands via specific hex read/write operations.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-43117

fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：4 | 回复：0
CVE漏洞

CVE-2021-42549

Insufficient Input Validation in the search functionality of Wordpress plugin Lets-Box prior to 1.15.3 allows unauthenticated user to craft a reflected Cross-Site Scripting attack.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-42548

Insufficient Input Validation in the search functionality of Wordpress plugin Share-one-Drive prior to 1.15.3 allows unauthenticated user to craft a reflected Cross-Site Scripting attack.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-42547

Insufficient Input Validation in the search functionality of Wordpress plugin Out-of-the-Box prior to 1.20.3 allows unauthenticated user to craft a reflected Cross-Site Scripting attack.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-42546

Insufficient Input Validation in the search functionality of Wordpress plugin Use-Your-Drive prior to 1.18.3 allows unauthenticated user to craft a reflected Cross-Site Scripting attack.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-24972

The Pixel Cat WordPress plugin before 2.6.3 does not escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disall ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-24970

The All-in-One Video Gallery WordPress plugin before 2.5.0 does not sanitise and validate the tab parameter before using it in a require statement in the admin dashboard, leading to a Local File Inclu ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-24955

The User Registration, Login Form, User Profile Membership WordPress plugin before 3.2.3 does not escape the data parameter of the pp_get_forms_by_builder_type AJAX action before outputting it back i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-24954

The User Registration, Login Form, User Profile Membership WordPress plugin before 3.2.3 does not sanitise and escape the ppress_cc_data parameter before outputting it back in an attribute of an admi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-24951

The LearnPress WordPress plugin before 4.1.4 does not sanitise, validate and escape the id parameter before using it in SQL statements when duplicating course/lesson/quiz/question, leading to SQL Inje ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-24946

The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the time parameter before using it in a SQL statement in the mec_load_single_page AJAX action, available to u ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-24945

The Like Button Rating â™¥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation and CSRF checks in the likebtn_export_votes AJAX action, which could allow any authenticated user, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:36 | 阅读：14 | 回复：0