• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

漏洞

RSS

下级分类:

  • CVE-2021-34408
    CVE-2021-34408
    The Zoom Client for Meetings for Windows in all versions before version 5.3.2 writes log files to a user writable directory as a privileged user during the installation or update of the client. This c ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:36 | 回复:0
  • CVE-2021-33907
    CVE-2021-33907
    The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate the certificate information used to sign .msi files when performing an update of the client. This could ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:38 | 回复:0
  • CVE-2021-22272
    CVE-2021-22272
    The vulnerability origins in the commissioning process where an attacker of the ControlTouch can enter a serial number in a specific way to transfer the device virtually into her/his my.busch-jaeger.d ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:47 | 回复:0
  • CVE-2021-40109
    CVE-2021-40109
    A SSRF issue was discovered in Concrete CMS through 8.5.5. Users can access forbidden files on their local network. A user with permissions to upload files from external sites can upload a URL that re ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:39 | 回复:0
  • CVE-2021-40108
    CVE-2021-40108
    An issue was discovered in Concrete CMS through 8.5.5. The Calendar is vulnerable to CSRF. ccm_token is not verified on the ccm/calendar/dialogs/event/add/save endpoint.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:50 | 回复:0
  • CVE-2021-3828
    CVE-2021-3828
    nltk is vulnerable to Inefficient Regular Expression Complexity……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:48 | 回复:0
  • CVE-2021-3822
    CVE-2021-3822
    jsoneditor is vulnerable to Inefficient Regular Expression Complexity……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:36 | 回复:0
  • CVE-2021-3820
    CVE-2021-3820
    inflect is vulnerable to Inefficient Regular Expression Complexity……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:42 | 回复:0
  • CVE-2021-3819
    CVE-2021-3819
    firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:30 | 回复:0
  • CVE-2021-3818
    CVE-2021-3818
    grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:32 | 回复:0
  • CVE-2021-3799
    CVE-2021-3799
    grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:33 | 回复:0
  • CVE-2021-23243
    CVE-2021-23243
    In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:57 | 回复:0
  • CVE-2021-40106
    CVE-2021-40106
    An issue was discovered in Concrete CMS through 8.5.5. There is unauthenticated stored XSS in blog comments via the website field.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:51 | 回复:0
  • CVE-2021-40105
    CVE-2021-40105
    An issue was discovered in Concrete CMS through 8.5.5. There is XSS via Markdown Comments.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:67 | 回复:0
  • CVE-2021-40104
    CVE-2021-40104
    An issue was discovered in Concrete CMS through 8.5.5. There is an SVG sanitizer bypass.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:49 | 回复:0
  • CVE-2021-40103
    CVE-2021-40103
    An issue was discovered in Concrete CMS through 8.5.5. Path Traversal can lead to Arbitrary File Reading and SSRF.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:65 | 回复:0
  • CVE-2021-40098
    CVE-2021-40098
    An issue was discovered in Concrete CMS through 8.5.5. Path Traversal leading to RCE via external form by adding a regular expression.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:35 | 回复:0
  • CVE-2021-40097
    CVE-2021-40097
    An issue was discovered in Concrete CMS through 8.5.5. Authenticated path traversal leads to to remote code execution via uploaded PHP code, related to the bFilename parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:49 | 回复:0
  • CVE-2021-0660
    CVE-2021-0660
    In ccu, there is a possible out of bounds read due to incorrect error handling. This could lead to information disclosure with System execution privileges needed. User interaction is not needed for ex ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:51 | 回复:0
  • CVE-2021-0612
    CVE-2021-0612
    In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for expl ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:37 | 回复:0
  • CVE-2021-0611
    CVE-2021-0611
    In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for expl ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:41 | 回复:0
  • CVE-2021-0610
    CVE-2021-0610
    In memory management driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User int ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:46 | 回复:0
  • CVE-2021-0425
    CVE-2021-0425
    In memory management driver, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction i ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:51 | 回复:0
  • CVE-2021-0424
    CVE-2021-0424
    In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:44 | 回复:0
  • CVE-2021-0423
    CVE-2021-0423
    In memory management driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:38 | 回复:0
  • CVE-2021-0422
    CVE-2021-0422
    In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:39 | 回复:0
  • CVE-2021-0421
    CVE-2021-0421
    In memory management driver, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. U ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:26 | 回复:0
  • CVE-2021-23054
    CVE-2021-23054
    On version 16.x before 16.1.0, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting (XSS) vulnerability exists in the resource ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:53 | 回复:0
  • CVE-2021-20317
    CVE-2021-20317
    A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special use ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:46 | 回复:0
  • CVE-2021-34570
    CVE-2021-34570
    Multiple Phoenix Contact PLCnext control devices in versions prior to 2021.0.5 LTS are prone to a DoS attack through special crafted JSON requests.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:49 | 回复:0
  • CVE-2021-41580
    CVE-2021-41580
    ** DISPUTED ** The passport-oauth2 package before 1.6.1 for Node.js mishandles the error condition of failure to obtain an access token. This is exploitable in certain use cases where an OAuth identit ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:66 | 回复:0
  • CVE-2021-41385
    CVE-2021-41385
    The third party intelligence connector in Securonix SNYPR 6.3.1 Build 184295_0302 allows an authenticated user to obtain access to server configuration details via SSRF.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:50 | 回复:0
  • CVE-2021-41329
    CVE-2021-41329
    Datalust Seq before 2021.2.6259 allows users (with view filters applied to their accounts) to see query results not constrained by their view filter. This information exposure, caused by an internal c ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:54 | 回复:0
  • CVE-2021-40981
    CVE-2021-40981
    ASUS ROG Armoury Crate Lite before 4.2.10 allows local users to gain privileges by placing a Trojan horse file in the publicly writable %PROGRAMDATA%\ASUS\GamingCenterLib directory.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:28 | 回复:0
  • CVE-2021-40349
    CVE-2021-40349
    e7d Speed Test (aka speedtest) 0.5.3 allows a path-traversal attack that results in information disclosure via the GET /.. substring.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:51 | 回复:0
  • CVE-2021-38299
    CVE-2021-38299
    Webauthn Framework 3.3.x before 3.3.4 has Incorrect Access Control. An attacker that controls a user's system is able to login to a vulnerable service using an attached FIDO2 authenticator without ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:38 | 回复:0
  • CVE-2021-31606
    CVE-2021-31606
    furlongm openvpn-monitor through 1.1.3 allows Authorization Bypass to disconnect arbitrary clients.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:36 | 回复:0
  • CVE-2021-31605
    CVE-2021-31605
    furlongm openvpn-monitor through 1.1.3 allows %0a command injection via the OpenVPN management interface socket. This can shut down the server via signal%20SIGTERM.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:55 | 回复:0
  • CVE-2021-31604
    CVE-2021-31604
    furlongm openvpn-monitor through 1.1.3 allows CSRF to disconnect an arbitrary client.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:125 | 回复:0
  • CVE-2021-34351
    CVE-2021-34351
    A command injection vulnerability has been reported to affect QNAP device running QVR. If exploited, this vulnerability could allow remote attackers to run arbitrary commands. We have already fixed th ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:47 | 阅读:17 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap