• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

漏洞

RSS

下级分类:

  • CVE-2020-21595
    CVE-2020-21595
    libde265 v1.0.4 contains a heap buffer overflow in the mc_luma function, which can be exploited via a crafted a file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:31 | 回复:0
  • CVE-2020-21594
    CVE-2020-21594
    libde265 v1.0.4 contains a heap buffer overflow in the put_epel_hv_fallback function, which can be exploited via a crafted a file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:16 | 回复:0
  • CVE-2020-21535
    CVE-2020-21535
    fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:21 | 回复:0
  • CVE-2020-21534
    CVE-2020-21534
    fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:6 | 回复:0
  • CVE-2020-21533
    CVE-2020-21533
    fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:13 | 回复:0
  • CVE-2020-21532
    CVE-2020-21532
    fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:14 | 回复:0
  • CVE-2020-21531
    CVE-2020-21531
    fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:14 | 回复:0
  • CVE-2020-21530
    CVE-2020-21530
    fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:16 | 回复:0
  • CVE-2020-21529
    CVE-2020-21529
    fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:13 | 回复:0
  • CVE-2021-40670
    CVE-2021-40670
    SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords iparameter under the /coreframe/app/order/admin/card.php file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:20 | 回复:0
  • CVE-2021-40669
    CVE-2021-40669
    SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords parameter under the coreframe/app/promote/admin/index.php file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:14 | 回复:0
  • CVE-2021-29842
    CVE-2021-29842
    IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 21.0.0.9 could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid login ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:18 | 回复:0
  • CVE-2021-29825
    CVE-2021-29825
    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could disclose sensitive information when using ADMIN_CMD with LOAD or BACKUP. IBM X-Force ID: 204470.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:21 | 回复:0
  • CVE-2021-29763
    CVE-2021-29763
    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 under very specific conditions, could allow a local user to keep running a procedure that could cause the system to run ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:16 | 回复:0
  • CVE-2021-29752
    CVE-2021-29752
    IBM Db2 11.2 and 11.5 contains an information disclosure vulnerability, exposing remote storage credentials to privileged users under specific conditions. IBM X-Fporce ID: 201780.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:8 | 回复:0
  • CVE-2021-41079
    CVE-2021-41079
    Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a speci ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:10 | 回复:0
  • CVE-2021-40438
    CVE-2021-40438
    A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:24 | 回复:0
  • CVE-2021-39275
    CVE-2021-39275
    ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affec ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:41 | 回复:0
  • CVE-2021-39239
    CVE-2021-39239
    A vulnerability in XML processing in Apache Jena, in versions up to 4.1.0, may allow an attacker to execute XML External Entities (XXE), including exposing the contents of local files to a remote serv ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:32 | 回复:0
  • CVE-2021-39214
    CVE-2021-39214
    mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This me ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:24 | 回复:0
  • CVE-2021-39208
    CVE-2021-39208
    SharpCompress is a fully managed C# library to deal with many compression types and formats. Versions prior to 0.29.0 are vulnerable to partial path traversal. SharpCompress recreates a hierarchy of d ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:23 | 回复:0
  • CVE-2021-36160
    CVE-2021-36160
    A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:17 | 回复:0
  • CVE-2021-34798
    CVE-2021-34798
    Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:18 | 回复:0
  • CVE-2021-27341
    CVE-2021-27341
    OpenSIS Community Edition version = 7.6 is affected by a local file inclusion vulnerability in DownloadWindow.php via the filename parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:24 | 回复:0
  • CVE-2021-27340
    CVE-2021-27340
    OpenSIS Community Edition version = 7.6 is affected by a reflected XSS vulnerability in EmailCheck.php via the opt parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:21 | 回复:0
  • CVE-2021-34576
    CVE-2021-34576
    In Kaden PICOFLUX Air in all known versions an information exposure through observable discrepancy exists. This may give sensitive information (water consumption without distinct values) to third part ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:17 | 回复:0
  • CVE-2021-34573
    CVE-2021-34573
    In Enbra EWM in Version 1.7.29 together with several tested wireless M-Bus Sensors the events backflow and no flow are not reconized or misinterpreted. This may lead to wrong values and missing events ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:15 | 回复:0
  • CVE-2021-34572
    CVE-2021-34572
    Enbra EWM 1.7.29 does not check for or detect replay attacks sent by wireless M-Bus Security mode 5 devices. Instead timestamps of the sensor are replaced by the time of the readout even if the data i ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:30 | 回复:0
  • CVE-2021-34571
    CVE-2021-34571
    Multiple Wireless M-Bus devices by Enbra use Hard-coded Credentials in Security mode 5 without an option to change the encryption key. An adversary can learn all information that is available in Enbra ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:22 | 回复:0
  • CVE-2020-14124
    CVE-2020-14124
    There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom 1.1.12.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:18 | 回复:0
  • CVE-2020-14119
    CVE-2020-14119
    There is command injection in the addMeshNode interface of xqnetwork.lua, which leads to command execution under administrator authority on Xiaomi router AX3600 with rom versionrom 1.1.12……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:19 | 回复:0
  • CVE-2021-40067
    CVE-2021-40067
    The access controls on the Mobility read-write API improperly validate user access permissions; this API is disabled by default. If the API is manually enabled, attackers with both network access to t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:19 | 回复:0
  • CVE-2021-40066
    CVE-2021-40066
    The access controls on the Mobility read-only API improperly validate user access permissions. Attackers with both network access to the API and valid credentials can read data from it; regardless of ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:20 | 回复:0
  • CVE-2020-14130
    CVE-2020-14130
    Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version 3.0.210809……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:18 | 回复:0
  • CVE-2020-14109
    CVE-2020-14109
    There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version = 1.1.12……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:29 | 回复:0
  • CVE-2021-39128
    CVE-2021-39128
    Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administrators access to execute arbitrary Java code via a server-sid ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:26 | 回复:0
  • CVE-2021-40881
    CVE-2021-40881
    An issue in the BAT file parameters of PublicCMS v4.0 allows attackers to execute arbitrary code.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:15 | 回复:0
  • CVE-2021-40639
    CVE-2021-40639
    Improper access control in Jfinal CMS 5.1.0 allows attackers to access sensitive information via /classes/conf/db.propertiesconfig=filemanager.config.js.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:16 | 回复:0
  • CVE-2021-33045
    CVE-2021-33045
    The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:29 | 回复:0
  • CVE-2021-33044
    CVE-2021-33044
    The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:44 | 阅读:27 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap