• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

漏洞

RSS

下级分类:

  • CVE-2019-9060
    CVE-2019-9060
    An issue was discovered in CMS Made Simple 2.2.8. It is possible to achieve unauthenticated path traversal in the CGExtensions module (in the file action.setdefaulttemplate.php) with the m1_filename p ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:45 | 阅读:10 | 回复:0
  • CVE-2021-41316
    CVE-2021-41316
    The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery utility. An attacker (with permissions to add or edit jobs run by this utility) can inject an extra argum ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:45 | 阅读:15 | 回复:0
  • CVE-2021-41315
    CVE-2021-41315
    The Device42 Remote Collector before 17.05.01 does not sanitize user input in its SNMP Connectivity utility. This allows an authenticated attacker (with access to the console application) to execute a ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:45 | 阅读:17 | 回复:0
  • CVE-2021-39228
    CVE-2021-39228
    Tremor is an event processing system for unstructured data. A vulnerability exists between versions 0.7.2 and 0.11.6. This vulnerability is a memory safety Issue when using `patch` or `merge` on `stat ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:45 | 阅读:5 | 回复:0
  • CVE-2021-39227
    CVE-2021-39227
    ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. In versions prior to 5.2.1, using `merge` and `clone` helper methods in the `src/core/util.ts` module results in prototyp ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:45 | 阅读:9 | 回复:0
  • CVE-2021-31845
    CVE-2021-31845
    A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Discover prior to 11.6.100 allows an attacker in the same network as the DLP Discover to execute arbitrary code through placing car ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:45 | 阅读:5 | 回复:0
  • CVE-2021-31844
    CVE-2021-31844
    A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a local attacker to execute arbitrary code with elevated privileges through placing c ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:12 | 回复:0
  • CVE-2021-31843
    CVE-2021-31843
    Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have acce ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:5 | 回复:0
  • CVE-2021-31842
    CVE-2021-31842
    XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2021 Update allows a local user to initiate high CPU and memory consumption resulti ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:16 | 回复:0
  • CVE-2021-39327
    CVE-2021-39327
    The BulletProof Security WordPress plugin is vulnerable to sensitive information disclosure due to a file path disclosure in the publicly accessible ~/db_backup_log.txt file which grants attackers the ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:37 | 回复:0
  • CVE-2021-23442
    CVE-2021-23442
    This affects all versions of package @cookiex/deep. The global proto object can be polluted using the __proto__ object.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:24 | 回复:0
  • CVE-2021-41303
    CVE-2021-41303
    Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass. Users should update to Apache Shiro 1.8.0.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:16 | 回复:0
  • CVE-2021-3812
    CVE-2021-3812
    adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:5 | 回复:0
  • CVE-2021-3811
    CVE-2021-3811
    adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:13 | 回复:0
  • CVE-2021-3810
    CVE-2021-3810
    code-server is vulnerable to Inefficient Regular Expression Complexity……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:14 | 回复:0
  • CVE-2021-3807
    CVE-2021-3807
    ansi-regex is vulnerable to Inefficient Regular Expression Complexity……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:9 | 回复:0
  • CVE-2021-3804
    CVE-2021-3804
    taro is vulnerable to Inefficient Regular Expression Complexity……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:6 | 回复:0
  • CVE-2021-3803
    CVE-2021-3803
    nth-check is vulnerable to Inefficient Regular Expression Complexity……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:6 | 回复:0
  • CVE-2021-30261
    CVE-2021-30261
    Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industri ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:13 | 回复:0
  • CVE-2021-30260
    CVE-2021-30260
    Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compu ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:8 | 回复:0
  • CVE-2021-1976
    CVE-2021-1976
    A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Ind ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:10 | 回复:0
  • CVE-2021-1947
    CVE-2021-1947
    Use-after-free vulnerability in kernel graphics driver because of storing an invalid pointer in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon We ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:9 | 回复:0
  • CVE-2021-1939
    CVE-2021-1939
    Null pointer dereference occurs due to improper validation when the preemption feature enablement is toggled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, S ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:11 | 回复:0
  • CVE-2021-3805
    CVE-2021-3805
    object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:5 | 回复:0
  • CVE-2021-20828
    CVE-2021-20828
    Cross-site scripting vulnerability in Order Status Batch Change Plug-in (for EC-CUBE 3.0 series) all versions allows a remote attacker to inject an arbitrary script via unspecified vectors.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:16 | 回复:0
  • CVE-2021-20825
    CVE-2021-20825
    Cross-site scripting vulnerability in List (order management) item change plug-in (for EC-CUBE 3.0 series) Ver.1.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified ve ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:27 | 回复:0
  • CVE-2021-20791
    CVE-2021-20791
    Improper access control vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker to bypass access restriction and to exchange unauthorized files between the local environment and the ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:18 | 回复:0
  • CVE-2021-20790
    CVE-2021-20790
    Improper control of program execution vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker to execute an arbitrary command or code via unspecified vectors.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:12 | 回复:0
  • CVE-2021-41314
    CVE-2021-41314
    Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field, which - due to several faulty aspects of the authentication scheme - allows the attacker to create (or ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:21 | 回复:0
  • CVE-2020-21606
    CVE-2020-21606
    libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_16_fallback function, which can be exploited via a crafted a file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:21 | 回复:0
  • CVE-2020-21605
    CVE-2020-21605
    libde265 v1.0.4 contains a segmentation fault in the apply_sao_internal function, which can be exploited via a crafted a file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:37 | 回复:0
  • CVE-2020-21604
    CVE-2020-21604
    libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl_epi64 function, which can be exploited via a crafted a file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:12 | 回复:0
  • CVE-2020-21603
    CVE-2020-21603
    libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fallback_16 function, which can be exploited via a crafted a file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:17 | 回复:0
  • CVE-2020-21602
    CVE-2020-21602
    libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, which can be exploited via a crafted a file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:14 | 回复:0
  • CVE-2020-21601
    CVE-2020-21601
    libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallback function, which can be exploited via a crafted a file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:17 | 回复:0
  • CVE-2020-21600
    CVE-2020-21600
    libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, which can be exploited via a crafted a file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:14 | 回复:0
  • CVE-2020-21599
    CVE-2020-21599
    libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted a file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:17 | 回复:0
  • CVE-2020-21598
    CVE-2020-21598
    libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:16 | 回复:0
  • CVE-2020-21597
    CVE-2020-21597
    libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted a file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:22 | 回复:0
  • CVE-2020-21596
    CVE-2020-21596
    libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exploited via a crafted a file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:34 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap