• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2022-21777
    CVE漏洞
    CVE-2022-21777
    In Autoboot, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:188 | 回复:0
  • CVE-2022-21776
    CVE漏洞
    CVE-2022-21776
    In MDP, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploit ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:152 | 回复:0
  • CVE-2022-21775
    CVE漏洞
    CVE-2022-21775
    In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed fo ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:167 | 回复:0
  • CVE-2022-21774
    CVE漏洞
    CVE-2022-21774
    In TEEI driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:182 | 回复:0
  • CVE-2022-21773
    CVE漏洞
    CVE-2022-21773
    In TEEI driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:174 | 回复:0
  • CVE-2022-21772
    CVE漏洞
    CVE-2022-21772
    In TEEI driver, there is a possible type confusion due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:144 | 回复:0
  • CVE-2022-21771
    CVE漏洞
    CVE-2022-21771
    In GED driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:197 | 回复:0
  • CVE-2022-21770
    CVE漏洞
    CVE-2022-21770
    In sound driver, there is a possible information disclosure due to symlink following. This could lead to local information disclosure with System execution privileges needed. User interaction is not n ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:132 | 回复:0
  • CVE-2022-21769
    CVE漏洞
    CVE-2022-21769
    In CCCI, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed f ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:137 | 回复:0
  • CVE-2022-21768
    CVE漏洞
    CVE-2022-21768
    In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:121 | 回复:0
  • CVE-2022-21767
    CVE漏洞
    CVE-2022-21767
    In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:121 | 回复:0
  • CVE-2022-21766
    CVE漏洞
    CVE-2022-21766
    In CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:125 | 回复:0
  • CVE-2022-21765
    CVE漏洞
    CVE-2022-21765
    In CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:117 | 回复:0
  • CVE-2022-21764
    CVE漏洞
    CVE-2022-21764
    In telecom service, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User i ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:116 | 回复:0
  • CVE-2022-21763
    CVE漏洞
    CVE-2022-21763
    In telecom service, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User i ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:122 | 回复:0
  • CVE-2022-21744
    CVE漏洞
    CVE-2022-21744
    In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouri ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:110 | 回复:0
  • CVE-2022-20083
    CVE漏洞
    CVE-2022-20083
    In Modem 2G/3G CC, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding combined FACILITY with no additional execution privileg ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:129 | 回复:0
  • CVE-2022-20082
    CVE漏洞
    CVE-2022-20082
    In GPU, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:114 | 回复:0
  • CVE-2022-33980
    CVE漏洞
    CVE-2022-33980
    Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is ${prefix:name}, where prefix is use ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:120 | 回复:0
  • CVE-2022-28935
    CVE漏洞
    CVE-2022-28935
    Totolink A830R V5.9c.4729_B20191112, Totolink A3100R V4.1.2cu.5050_B20200504, Totolink A950RG V4.1.2cu.5161_B20200903, Totolink A800R V4.1.2cu.5137_B20200730, Totolink A3000RU V5.9c.5185_B20201128, To ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:111 | 回复:0
  • CVE-2022-24141
    CVE漏洞
    CVE-2022-24141
    The iTopVPNmini.exe component of iTop VPN 3.2 will try to connect to datastate_iTopVPN_Pipe_Server on a loop. An attacker that opened a named pipe with the same name can use it to gain the token of an ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:109 | 回复:0
  • CVE-2022-24140
    CVE漏洞
    CVE-2022-24140
    IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. After dow ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:109 | 回复:0
  • CVE-2022-24139
    CVE漏洞
    CVE-2022-24139
    In IOBit Advanced System Care (AscService.exe) 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:111 | 回复:0
  • CVE-2022-24138
    CVE漏洞
    CVE-2022-24138
    IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has rwx permissions for unprivileged users. Low p ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:122 | 回复:0
  • CVE-2021-37839
    CVE漏洞
    CVE-2021-37839
    Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. This metadata included the dataset name, columns and metrics.……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:108 | 回复:0
  • CVE-2021-31679
    CVE漏洞
    CVE-2021-31679
    An issue was discovered in PESCMS-V2.3.3. There is a CSRF vulnerability that allows attackers to delete admin and other members' account numbers.……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:128 | 回复:0
  • CVE-2021-31678
    CVE漏洞
    CVE-2021-31678
    An issue was discovered in PESCMS-V2.3.3. There is a CSRF vulnerability that can delete import information about a user's company.……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:140 | 回复:0
  • CVE-2021-31677
    CVE漏洞
    CVE-2021-31677
    An issue was discovered in PESCMS-V2.3.3. There is a CSRF vulnerability that can modify admin and other members' passwords.……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:156 | 回复:0
  • CVE-2021-31676
    CVE漏洞
    CVE-2021-31676
    A reflected XSS was discovered in PESCMS-V2.3.3. When combined with CSRF in the same file, they can cause bigger destruction.……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:133 | 回复:0
  • CVE-2022-32386
    CVE漏洞
    CVE-2022-32386
    Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:138 | 回复:0
  • CVE-2022-32385
    CVE漏洞
    CVE-2022-32385
    Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote).……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:121 | 回复:0
  • CVE-2022-32383
    CVE漏洞
    CVE-2022-32383
    Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the AdvSetMacMtuWan function.……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:116 | 回复:0
  • CVE-2022-32290
    CVE漏洞
    CVE-2022-32290
    The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:116 | 回复:0
  • CVE-2022-30591
    CVE漏洞
    CVE-2022-30591
    ** DISPUTED ** quic-go through 0.27.0 allows remote attackers to cause a denial of service (CPU consumption) via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs b ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:103 | 回复:0
  • CVE-2022-35230
    CVE漏洞
    CVE-2022-35230
    An authenticated user can create a link with reflected Javascript code inside it for the graphs page and send it to other users. The payload can be executed only with a known CSRF token value of the v ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:109 | 回复:0
  • CVE-2022-35229
    CVE漏洞
    CVE-2022-35229
    An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of th ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:109 | 回复:0
  • CVE-2022-32533
    CVE漏洞
    CVE-2022-32533
    ** UNSUPPORTED WHEN ASSIGNED ** Apache Jetspeed-2 does not sufficiently filter untrusted user input by default leading to a number of issues including XSS, CSRF, XXE, and SSRF. Setting the configurati ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:104 | 回复:0
  • CVE-2021-46687
    CVE漏洞
    CVE-2021-46687
    JFrog Artifactory prior to version 7.31.10 and 6.23.38 is vulnerable to Sensitive Data Exposure through the Project Administrator REST API. This issue affects: JFrog JFrog Artifactory JFrog Artifactor ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:114 | 回复:0
  • CVE-2021-45721
    CVE漏洞
    CVE-2021-45721
    JFrog Artifactory prior to version 7.29.8 and 6.23.38 is vulnerable to Reflected Cross-Site Scripting (XSS) through one of the XHR parameters in Users REST API endpoint. This issue affects: JFrog JFro ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:124 | 回复:0
  • CVE-2021-23163
    CVE漏洞
    CVE-2021-23163
    JFrog Artifactory prior to version 7.33.6 and 6.23.38, is vulnerable to CSRF ( Cross-Site Request Forgery) for specific endpoints. This issue affects: JFrog JFrog Artifactory JFrog Artifactory version ...……
    作者:菜鸟教程小白 | 时间:2022-7-8 08:05 | 阅读:105 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap