漏洞 - 第530页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-34418

The login routine of the web console in the Zoom On-Premise Meeting Connector before version 4.6.239.20200613, Zoom On-Premise Meeting Connector MMR before version 4.6.239.20200613, Zoom On-Premise Re ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-34417

The network proxy page on the web portal for the Zoom On-Premise Meeting Connector Controller before version 4.6.365.20210703, Zoom On-Premise Meeting Connector MMR before version 4.6.365.20210703, Zo ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-3912

OctoRPKI tries to load the entire contents of a repository in memory, and in the case of a GZIP bomb, unzip it in memory, making it possible to create a repository that makes OctoRPKI run out of memor ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-3911

If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-3910

OctoRPKI crashes when encountering a repository that returns an invalid ROA (just an encoded NUL (\0) character).……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-3909

OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the repository that OctoRPKI sends HTTP requests ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-3908

OctoRPKI does not limit the depth of a certificate chain, allowing for a CA to create children in an ad-hoc fashion, thereby making tree traversal never end.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-3907

OctoRPKI does not escape a URI with a filename containing .., this allows a repository to create a file, (ex. rsync://example.org/repo/../../etc/cron.daily/evil.roa), which would then be written to di ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：20 | 回复：0
CVE漏洞

CVE-2002-20001

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-expo ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-43350

An unauthenticated Apache Traffic Control Traffic Ops user can send a request with a specially-crafted username to the POST /login endpoint of any API version to inject unsanitized content into the LD ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-26558

Deserialization of Untrusted Data vulnerability of Apache ShardingSphere-UI allows an attacker to inject outer link resources. This issue affects Apache ShardingSphere-UI Apache ShardingSphere-UI vers ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-25980

In Talkyard, versions v0.04.01 through v0.6.74-WIP-63220cb, v0.2020.22-WIP-b2e97fe0e through v0.2021.02-WIP-879ef3fe1 and tyse-v0.2021.02-879ef3fe1-regular through tyse-v0.2021.28-af66b6905-regular, a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-43397

LiquidFiles before 3.6.3 allows remote attackers to elevate their privileges from Admin (or User Admin) to Sysadmin.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-42847

Zoho ManageEngine ADAudit Plus before 7006 allows attackers to write to, and execute, arbitrary files.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-42002

Zoho ManageEngine ADManager Plus before 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-41833

Zoho ManageEngine Patch Connect Plus before 90099 is vulnerable to unauthenticated remote code execution.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-41081

Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a configuration search.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-41080

Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a hardware details search.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-43573

A buffer overflow was discovered on Realtek RTL8195AM devices before 2.0.10. It exists in the client code when processing a malformed IE length of HT capability information in the Beacon and Associati ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-40873

An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66, and uaToolkit Embedded before 1.40. Remote attackers to cause a denial of service (DoS) by sending crafted messages ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-40872

An issue was discovered in Softing Industrial Automation uaToolkit Embedded before 1.40. Remote attackers to cause a denial of service (DoS) or login as an anonymous user (bypassing security checks) b ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-40871

An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66. Remote attackers to cause a denial of service (DoS) by sending crafted messages to a OPC/UA client. The client proc ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-33816

The website builder module in Dolibarr 13.0.2 allows remote PHP code execution because of an incomplete protection mechanism in which system, exec, and shell_exec are blocked but backticks are not blo ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-33618

Dolibarr ERP and CRM 13.0.2 allows XSS via object details, as demonstrated by and characters in the onpointermove attribute of a BODY element to the user-management feature.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：40 | 回复：0
CVE漏洞

CVE-2020-23906

FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio file due to insufficient verification of data authenticity.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：18 | 回复：0
CVE漏洞

CVE-2020-23904

** DISPUTED ** A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states I cannot reproduce it and it is a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：7 | 回复：0
CVE漏洞

CVE-2020-23903

A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：12 | 回复：0
CVE漏洞

CVE-2020-23902

A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address may be used as a return value starting at Edi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：6 | 回复：0
CVE漏洞

CVE-2020-23901

A User Mode Write AV in Editor+0x5d15 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：13 | 回复：0
CVE漏洞

CVE-2020-23900

A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address controls Code Flow starting at Editor!TMethod ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：10 | 回复：0
CVE漏洞

CVE-2020-23899

A User Mode Write AV in Editor+0x5f91 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：25 | 回复：0
CVE漏洞

CVE-2020-23898

A User Mode Write AV in Editor+0x5ea2 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：24 | 回复：0
CVE漏洞

CVE-2020-23897

A User Mode Write AV in Editor!TMethodImplementationIntercept+0x54dcec of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：17 | 回复：0
CVE漏洞

CVE-2020-23896

A User Mode Write AV in Editor+0x576b of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tiff file.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：30 | 回复：0
CVE漏洞

CVE-2020-23895

A User Mode Write AV in Editor+0x76af of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tiff file.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：15 | 回复：0
CVE漏洞

CVE-2020-23894

A User Mode Write AV in ntdll!RtlpCoalesceFreeBlocks+0x268 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tiff file.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：9 | 回复：0
CVE漏洞

CVE-2020-23893

A User Mode Write AV in Editor!TMethodImplementationIntercept+0x3c3682 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tiff file.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：10 | 回复：0
CVE漏洞

CVE-2020-23891

A User Mode Write AV in Editor+0x5cd7 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tiff file.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：11 | 回复：0
CVE漏洞

CVE-2020-23890

A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted JPG file. Related to Data from Faulting Address is used as one or more arguments in a subsequ ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：7 | 回复：0
CVE漏洞

CVE-2020-23889

A User Mode Write AV starting at Editor!TMethodImplementationIntercept+0x4189c6 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted ico file.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：11 | 回复：0