
Vulnerabilities


  • CVE-2021-34854
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute low-privileged code ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:16 | Views: 54 | Replies: 0
  • CVE-2021-37624
    FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:16 | Views: 66 | Replies: 0
  • CVE-2021-21319
    Galette is a membership management web application geared towards non-profit organizations. In versions prior to 0.9.5, malicious JavaScript code can be stored to be displayed later on self subscripti ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:16 | Views: 54 | Replies: 0
  • CVE-2021-41035
    In Eclipse OpenJ9 before version 0.29.0, the JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods.
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:16 | Views: 57 | Replies: 0
  • CVE-2020-20908
    Akaunting v1.3.17 was discovered to contain a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Company Name ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 50 | Replies: 0
  • CVE-2021-24885
    The YOP Poll WordPress plugin before 6.1.2 does not escape the perpage parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 51 | Replies: 0
  • CVE-2021-24884
    The Formidable Form Builder WordPress plugin before 4.09.05 allows to inject certain HTML Tags like audio, video, img, a and button. This could allow an unauthenticated, remote attacker to exploit a HTML-i ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 53 | Replies: 0
  • CVE-2021-24785
    The Great Quotes WordPress plugin through 1.0.0 does not sanitise and escape the Quote and Author fields of its Quotes, which could allow high privilege users to perform Cross-Site Scripting attacks e ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 55 | Replies: 0
  • CVE-2021-24779
    The WP Debugging WordPress plugin before 2.11.0 has its update_settings() function hooked to admin_init and is missing any authorisation and CSRF checks, as a result, the settings can be updated by un ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 169 | Replies: 0
  • CVE-2021-24774
    The Check Log Email WordPress plugin before 1.0.3 does not validate and escape the order and orderby GET parameters before using them in a SQL statement when viewing logs, leading to SQL injections i ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 36 | Replies: 0
  • CVE-2021-24769
    The Permalink Manager Lite WordPress plugin before 2.2.13.1 does not validate and escape the orderby parameter before using it in a SQL statement in the Permalink Manager page, leading to a SQL Inject ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 27 | Replies: 0
  • CVE-2021-24744
    The WordPress Contact Forms by Cimatti WordPress plugin before 1.4.12 does not sanitise and escape the Form Title before outputting it in some admin pages, which could allow high privilege users to pe ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 29 | Replies: 0
  • CVE-2021-24699
    The Easy Media Download WordPress plugin before 1.1.7 does not escape the text argument of its shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripti ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 9 | Replies: 0
  • CVE-2021-24662
    The Game Server Status WordPress plugin through 1.0 does not validate or escape the server_id parameter before using it in SQL statement, leading to an Authenticated SQL Injection in an admin page
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 18 | Replies: 0
  • CVE-2021-24653
    The Cookie Bar WordPress plugin through 1.8.8 doesn't properly sanitise the Cookie Bar Message setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 19 | Replies: 0
  • CVE-2021-24608
    The Formidable Form Builder – Contact Form, Survey Quiz Forms Plugin for WordPress plugin before 5.0.07 does not sanitise and escape its Form's Labels, allowing high privileged users to perf ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 21 | Replies: 0
  • CVE-2021-24544
    The Responsive WordPress Slider WordPress plugin through 2.2.0 does not sanitise and escape some of the Slider options, allowing Cross-Site Scripting payloads to be set in them. Furthermore, as by def ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 17 | Replies: 0
  • CVE-2021-24543
    The jQuery Reply to Comment WordPress plugin through 1.31 does not have any CSRF check when saving its settings, nor sanitise or escape its 'Quote String' and 'Reply String' settings b ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 26 | Replies: 0
  • CVE-2021-24515
    The Video Gallery WordPress plugin before 1.1.5 does not escape the Title and Description of the videos in a gallery before outputting them in attributes, leading to Stored Cross-Site Scripting issues
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 15 | Replies: 0
  • CVE-2021-24514
    The Visual Form Builder WordPress plugin before 3.0.4 does not sanitise or escape its Form Name, allowing high privilege users such as admin to set Cross-Site Scripting payload in them, even when the ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 20 | Replies: 0
  • CVE-2021-24489
    The Request a Quote WordPress plugin before 2.3.5 does not sanitise, validate or escape some of its settings in the admin dashboard, leading to authenticated Stored Cross-Site Scripting issues even wh ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 18 | Replies: 0
  • CVE-2021-24487
    The St-Daily-Tip WordPress plugin through 4.7 does not have any CSRF check in place when saving its 'Default Text to Display if no tips' setting, and was also lacking sanitisation as well as e ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 24 | Replies: 0
  • CVE-2021-24485
    The Special Text Boxes WordPress plugin through 5.9.109 does not sanitise or escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the u ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 13 | Replies: 0
  • CVE-2021-24414
    The Video Player for YouTube WordPress plugin before 1.4 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting p ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 9 | Replies: 0
  • CVE-2021-24381
    The Ninja Forms Contact Form WordPress plugin before 3.5.8.2 does not sanitise and escape the custom class name of the form field created, which could allow high privilege users to perform Cross-Site ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 13 | Replies: 0
  • CVE-2021-0941
    In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User inter ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 24 | Replies: 0
  • CVE-2021-0940
    In TBD of TBD, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 29 | Replies: 0
  • CVE-2021-0939
    In set_default_passthru_cfg of passthru.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 15 | Replies: 0
  • CVE-2021-0938
    In memzero_explicit of compiler-clang.h, there is a possible bypass of defense in depth due to uninitialized data. This could lead to local information disclosure with no additional execution privileg ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 15 | Replies: 0
  • CVE-2021-0936
    In acc_read of f_accessory.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User inter ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 14 | Replies: 0
  • CVE-2021-0935
    In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 31 | Replies: 0
  • CVE-2021-0663
    In audio DSP, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 14 | Replies: 0
  • CVE-2021-0662
    In audio DSP, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 21 | Replies: 0
  • CVE-2021-0661
    In audio DSP, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 17 | Replies: 0
  • CVE-2021-0634
    In display driver, there is a possible memory corruption due to uninitialized data. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not ne ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 17 | Replies: 0
  • CVE-2021-0633
    In display driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 13 | Replies: 0
  • CVE-2021-0632
    In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker under certain build conditions with no add ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 17 | Replies: 0
  • CVE-2021-0631
    In wifi driver, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not need ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 17 | Replies: 0
  • CVE-2021-0630
    In wifi driver, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not need ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 36 | Replies: 0
  • CVE-2021-0625
    In ccu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for expl ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:15 | Views: 27 | Replies: 0
