• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

漏洞

RSS

下级分类:

  • CVE-2021-42343
    CVE-2021-42343
    An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with dask.distributed.LocalCluster or dask.distributed.Client (which defaults ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:55 | 回复:0
  • CVE-2021-40345
    CVE-2021-40345
    An issue was discovered in Nagios XI 5.8.5. In the Manage Dashlets section of the Admin panel, an administrator can upload ZIP files. A command injection (within the name of the first file in the arch ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:56 | 回复:0
  • CVE-2021-40344
    CVE-2021-40344
    An issue was discovered in Nagios XI 5.8.5. In the Custom Includes section of the Admin panel, an administrator can upload files with arbitrary extensions as long as the MIME type corresponds to an im ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:71 | 回复:0
  • CVE-2021-40343
    CVE-2021-40343
    An issue was discovered in Nagios XI 5.8.5. Insecure file permissions on the nagios_unbundler.py file allow the nagios user to elevate their privileges to the root user.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:68 | 回复:0
  • CVE-2020-5669
    CVE-2020-5669
    Cross-site scripting vulnerability in Movable Type Movable Type Premium 1.37 and earlier and Movable Type Premium Advanced 1.37 and earlier allows a remote authenticated attacker to inject an arbitrar ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:55 | 回复:0
  • CVE-2021-34596
    CVE-2021-34596
    A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:51 | 回复:0
  • CVE-2021-34595
    CVE-2021-34595
    A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-serv ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:52 | 回复:0
  • CVE-2021-34593
    CVE-2021-34593
    In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:57 | 回复:0
  • CVE-2021-34586
    CVE-2021-34586
    In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:47 | 回复:0
  • CVE-2021-34585
    CVE-2021-34585
    In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an inval ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:58 | 回复:0
  • CVE-2021-34584
    CVE-2021-34584
    Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:52 | 回复:0
  • CVE-2021-34583
    CVE-2021-34583
    Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:49 | 回复:0
  • CVE-2021-20837
    CVE-2021-20837
    Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Type 6.8.2 and earlier (Movable Type 6 Series), Movable Type Advanced 7 r.5002 and earlier (Movable Type Advanced 7 Series), Movable ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:48 | 回复:0
  • CVE-2021-41308
    CVE-2021-41308
    Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:52 | 回复:0
  • CVE-2021-41307
    CVE-2021-41307
    Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view the names of private projects and private filters via an Insecure Direct Object References (ID ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:66 | 回复:0
  • CVE-2021-41306
    CVE-2021-41306
    Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view private project and filter names via an Insecure Direct Object References (IDOR) vulnerability in th ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:67 | 回复:0
  • CVE-2021-41305
    CVE-2021-41305
    Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view the names of private projects and filters via an Insecure Direct Object References (IDOR) vulnerabil ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:37 | 回复:0
  • CVE-2021-41304
    CVE-2021-41304
    Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the /secure/admin/I ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:54 | 回复:0
  • CVE-2021-41179
    CVE-2021-41179
    Nextcloud is an open-source, self-hosted productivity platform. Prior to Nextcloud Server versions 20.0.13, 21.0.5, and 22.2.0, the Two-Factor Authentication wasn't enforced for pages marked as pu ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:38 | 回复:0
  • CVE-2021-41178
    CVE-2021-41178
    Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, a file traversal vulnerability makes an attacker able to download arbitrary SVG images fr ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:43 | 回复:0
  • CVE-2021-41177
    CVE-2021-41177
    Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, Nextcloud Server did not implement a database backend for rate-limiting purposes. Any com ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:72 | 回复:0
  • CVE-2021-41145
    CVE-2021-41145
    FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. FreeSWITCH prior ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:44 | 回复:0
  • CVE-2021-41105
    CVE-2021-41105
    FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. When handling SRT ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:39 | 回复:0
  • CVE-2021-39225
    CVE-2021-39225
    Nextcloud is an open-source, self-hosted productivity platform. A missing permission check in Nextcloud Deck before 1.2.9, 1.4.5 and 1.5.3 allows another authenticated users to access Deck cards of an ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:53 | 回复:0
  • CVE-2021-39224
    CVE-2021-39224
    Nextcloud is an open-source, self-hosted productivity platform. The Nextcloud OfficeOnline application prior to version 1.1.1 returned verbatim exception messages to the user. This could result in a f ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:44 | 回复:0
  • CVE-2021-39223
    CVE-2021-39223
    Nextcloud is an open-source, self-hosted productivity platform. The Nextcloud Richdocuments application prior to versions 3.8.6 and 4.2.3 returned verbatim exception messages to the user. This could r ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:41 | 回复:0
  • CVE-2021-38260
    CVE-2021-38260
    NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USB_HostParseDeviceConfigurationDescriptor().……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:43 | 回复:0
  • CVE-2021-38258
    CVE-2021-38258
    NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USB_HostProcessCallback().……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:46 | 回复:0
  • CVE-2021-39221
    CVE-2021-39221
    Nextcloud is an open-source, self-hosted productivity platform. The Nextcloud Contacts application prior to version 4.0.3 was vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. For explo ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:54 | 回复:0
  • CVE-2021-39220
    CVE-2021-39220
    Nextcloud is an open-source, self-hosted productivity platform The Nextcloud Mail application prior to versions 1.10.4 and 1.11.0 does by default not render images in emails to not leak the read state ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:41 | 回复:0
  • CVE-2021-41176
    CVE-2021-41176
    Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. In affected versions of Pterodactyl a malicious user can trigger a user logout if a signed in user visits a ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:51 | 回复:0
  • CVE-2021-34864
    CVE-2021-34864
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute low-privileged code ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:37 | 回复:0
  • CVE-2021-34863
    CVE-2021-34863
    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerabil ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:54 | 回复:0
  • CVE-2021-34862
    CVE-2021-34862
    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerabil ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:42 | 回复:0
  • CVE-2021-34861
    CVE-2021-34861
    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerabil ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:71 | 回复:0
  • CVE-2021-34860
    CVE-2021-34860
    This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vu ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:56 | 回复:0
  • CVE-2021-34859
    CVE-2021-34859
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer 15.16.8.0. User interaction is required to exploit this vulnerability in that the target mu ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:60 | 回复:0
  • CVE-2021-34857
    CVE-2021-34857
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute high-privileged cod ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:65 | 回复:0
  • CVE-2021-34856
    CVE-2021-34856
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute high-privileged cod ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:52 | 回复:0
  • CVE-2021-34855
    CVE-2021-34855
    This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute low-priv ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:16 | 阅读:41 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap