
Vulnerabilities


Subcategories:

  • CVE-2021-42054
    ACCEL-PPP 1.12.0 has an out-of-bounds read in triton_context_schedule if the client exits after authentication.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 29 | Replies: 0
  • CVE-2021-42053
    The Unicorn framework through 0.35.3 for Django allows XSS via component.name.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 28 | Replies: 0
  • CVE-2021-26557
    When Octopus Tentacle is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 31 | Replies: 0
  • CVE-2021-26556
    When Octopus Server is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 30 | Replies: 0
  • CVE-2021-21684
    Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scriptin ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 40 | Replies: 0
  • CVE-2021-21683
    The file browser in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Ove ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 40 | Replies: 0
  • CVE-2021-21682
    Jenkins 2.314 and earlier, LTS 2.303.1 and earlier accepts names of jobs and other entities with a trailing dot character, potentially replacing the configuration and data of other entities on Windows ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 37 | Replies: 0
  • CVE-2020-21658
    A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 26 | Replies: 0
  • CVE-2020-21656
    XYHCMS v3.6 contains a stored cross-site scripting (XSS) vulnerability in the component xyhai.php?s=/Link/index.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 23 | Replies: 0
  • CVE-2020-21654
    emlog v6.0 contains a vulnerability in the component admin\template.php, which allows attackers to getshell via a crafted Zip file.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 29 | Replies: 0
  • CVE-2020-21653
    Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 27 | Replies: 0
  • CVE-2020-21652
    Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the addqq() method.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 24 | Replies: 0
  • CVE-2020-21651
    Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\point.php, which can be exploited via the add() method.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 32 | Replies: 0
  • CVE-2020-21650
    Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the add() method.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 22 | Replies: 0
  • CVE-2020-21649
    Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sql() method.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 20 | Replies: 0
  • CVE-2020-21648
    WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 29 | Replies: 0
  • CVE-2021-42044
    An issue was discovered in the Mentor dashboard in the GrowthExperiments extension in MediaWiki through 1.36.2. The Growthexperiments-mentor-dashboard-mentee-overview-add-filter-total-edits-headline, ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 16 | Replies: 0
  • CVE-2021-42043
    An issue was discovered in Special:MediaSearch in the MediaSearch extension in MediaWiki through 1.36.2. The suggestion text (a parameter to mediasearch-did-you-mean) was not being properly sanitized ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 33 | Replies: 0
  • CVE-2021-42042
    An issue was discovered in SpecialEditGrowthConfig in the GrowthExperiments extension in MediaWiki through 1.36.2. The growthexperiments-edit-config-error-invalid-title MediaWiki message was not being ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 25 | Replies: 0
  • CVE-2021-42041
    An issue was discovered in CentralAuth in MediaWiki through 1.36.2. The rightsnone MediaWiki message was not being properly sanitized and allowed for the injection and execution of HTML and JavaScript ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 26 | Replies: 0
  • CVE-2021-42040
    An issue was discovered in MediaWiki through 1.36.2. A parser function related to loop control allowed for an infinite loop (and php-fpm hang) within the Loops extension because egLoopsCountLimit is m ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 28 | Replies: 0
  • CVE-2021-41129
    Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. A malicious user can modify the contents of a `confirmation_token` input during the two-factor authenticatio ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 47 | Replies: 0
  • CVE-2021-34788
    A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacki ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 41 | Replies: 0
  • CVE-2021-34782
    A vulnerability in the API endpoints for Cisco DNA Center could allow an authenticated, remote attacker to gain access to sensitive information that should be restricted. The attacker must have valid ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 37 | Replies: 0
  • CVE-2021-34780
    Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the fo ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 50 | Replies: 0
  • CVE-2021-34779
    Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the fo ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 36 | Replies: 0
  • CVE-2021-34778
    Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the fo ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 53 | Replies: 0
  • CVE-2021-34777
    Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the fo ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 32 | Replies: 0
  • CVE-2021-34776
    Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the fo ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 42 | Replies: 0
  • CVE-2021-34775
    Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the fo ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 39 | Replies: 0
  • CVE-2021-34772
    A vulnerability in the web-based management interface of Cisco Orbital could allow an unauthenticated, remote attacker to redirect users to a malicious webpage. This vulnerability is due to improper v ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 34 | Replies: 0
  • CVE-2021-34766
    A vulnerability in the web UI of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges and create, read, update, or delete records and ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 31 | Replies: 0
  • CVE-2021-34758
    A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, local attacker to corrupt a shared memory se ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 20 | Replies: 0
  • CVE-2021-34757
    Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords o ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 34 | Replies: 0
  • CVE-2021-34748
    A vulnerability in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to perform a command injection attack on an affected device. T ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 24 | Replies: 0
  • CVE-2021-34744
    Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords o ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 28 | Replies: 0
  • CVE-2021-34742
    A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 28 | Replies: 0
  • CVE-2021-34735
    Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denia ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 23 | Replies: 0
  • CVE-2021-34711
    A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input v ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 28 | Replies: 0
  • CVE-2021-34710
    Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denia ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:09 | Views: 28 | Replies: 0
