• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

漏洞

RSS

下级分类:

  • CVE-2021-35976
    CVE-2021-35976
    The feature to preview a website in Plesk Obsidian 18.0.0 through 18.0.32 on Linux is vulnerable to reflected XSS via the /plesk-site-preview/ PATH, aka PFSI-62467. The attacker could execute JavaScri ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:22 | 回复:0
  • CVE-2021-33011
    CVE-2021-33011
    All versions of the afffected TOYOPUC-PC10 Series,TOYOPUC-Plus Series,TOYOPUC-PC3J/PC2J Series, TOYOPUC-Nano Series products may not be able to properly process an ICMP flood, which may allow an attac ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:16 | 回复:0
  • CVE-2021-3645
    CVE-2021-3645
    merge is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:30 | 回复:0
  • CVE-2021-34346
    CVE-2021-34346
    A stack buffer overflow vulnerability has been reported to affect QNAP device running NVR Storage Expansion. If exploited, this vulnerability allows attackers to execute arbitrary code. We have alread ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:10 | 回复:0
  • CVE-2021-34345
    CVE-2021-34345
    A stack buffer overflow vulnerability has been reported to affect QNAP device running NVR Storage Expansion. If exploited, this vulnerability allows attackers to execute arbitrary code. We have alread ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:12 | 回复:0
  • CVE-2021-34344
    CVE-2021-34344
    A stack buffer overflow vulnerability has been reported to affect QNAP device running QUSBCam2. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:8 | 回复:0
  • CVE-2021-34343
    CVE-2021-34343
    A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code. We have al ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:9 | 回复:0
  • CVE-2021-28816
    CVE-2021-28816
    A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code. We have al ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:5 | 回复:0
  • CVE-2021-28813
    CVE-2021-28813
    A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP switches running QuNetSwitch. If exploited, this vulnerability allows remote at ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:6 | 回复:0
  • CVE-2018-19957
    CVE-2018-19957
    A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTScloud. This vulnerability allows remote attackers to launch privacy an ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:21 | 回复:0
  • CVE-2021-40839
    CVE-2021-40839
    The rencode package through 1.0.6 for Python allows an infinite loop in typecode decoding (such as via ;\x2f\x7f), enabling a remote attack that consumes CPU and memory.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:5 | 回复:0
  • CVE-2021-39206
    CVE-2021-39206
    Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, contains two authorization related vulnerabilities CVE-2021-32777 and CVE-2021-32779. This may lead to incorr ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:21 | 回复:0
  • CVE-2020-19295
    CVE-2020-19295
    A reflected cross-site scripting (XSS) vulnerability in the /weibo/topic component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:19 | 回复:0
  • CVE-2020-19294
    CVE-2020-19294
    A stored cross-site scripting (XSS) vulnerability in the /article/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the article comme ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:11 | 回复:0
  • CVE-2020-19293
    CVE-2020-19293
    A stored cross-site scripting (XSS) vulnerability in the /article/add component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted article.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:14 | 回复:0
  • CVE-2020-19292
    CVE-2020-19292
    A stored cross-site scripting (XSS) vulnerability in the /question/ask component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted question.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:19 | 回复:0
  • CVE-2020-19291
    CVE-2020-19291
    A stored cross-site scripting (XSS) vulnerability in the /weibo/publishdata component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted Weibo.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:12 | 回复:0
  • CVE-2020-19290
    CVE-2020-19290
    A stored cross-site scripting (XSS) vulnerability in the /weibo/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Weibo comment s ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:19 | 回复:0
  • CVE-2020-19289
    CVE-2020-19289
    A stored cross-site scripting (XSS) vulnerability in the /member/picture/album component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the new albu ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:15 | 回复:0
  • CVE-2020-19288
    CVE-2020-19288
    A stored cross-site scripting (XSS) vulnerability in the /localhost/u component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a private message.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:17 | 回复:0
  • CVE-2020-19287
    CVE-2020-19287
    A stored cross-site scripting (XSS) vulnerability in the /group/post component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:14 | 回复:0
  • CVE-2020-19286
    CVE-2020-19286
    A stored cross-site scripting (XSS) vulnerability in the /question/detail component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the source field ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:7 | 回复:0
  • CVE-2020-19285
    CVE-2020-19285
    A stored cross-site scripting (XSS) vulnerability in the /group/apply component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Name text field.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:8 | 回复:0
  • CVE-2020-19284
    CVE-2020-19284
    A stored cross-site scripting (XSS) vulnerability in the /group/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the group comments ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:12 | 回复:0
  • CVE-2020-19283
    CVE-2020-19283
    A reflected cross-site scripting (XSS) vulnerability in the /newVersion component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:13 | 回复:0
  • CVE-2020-19282
    CVE-2020-19282
    A reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:16 | 回复:0
  • CVE-2020-19281
    CVE-2020-19281
    A stored cross-site scripting (XSS) vulnerability in the /manage/loginusername component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:41 | 回复:0
  • CVE-2020-19280
    CVE-2020-19280
    Jeesns 1.4.2 contains a cross-site request forgery (CSRF) which allows attackers to escalate privileges and perform sensitive program operations.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:32 | 回复:0
  • CVE-2021-39204
    CVE-2021-39204
    Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilizat ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:26 | 回复:0
  • CVE-2021-39203
    CVE-2021-39203
    WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:12 | 回复:0
  • CVE-2021-39202
    CVE-2021-39202
    WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions the widgets editor introduced in WordPress 5.8 beta 1 has ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:23 | 回复:0
  • CVE-2021-39201
    CVE-2021-39201
    WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. ### Impact The issue allows an authenticated but low-privileged user (like con ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:20 | 回复:0
  • CVE-2021-39200
    CVE-2021-39200
    WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions output data of the function wp_die() can be leaked under ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:16 | 回复:0
  • CVE-2021-39162
    CVE-2021-39162
    Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, can abnormally terminate if an H/2 GOAWAY and SETTINGS frame are received in the same IO event. This can lead ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:19 | 回复:0
  • CVE-2021-32724
    CVE-2021-32724
    check-spelling is a github action which provides CI spell checking. In affected versions and for a repository with the (https://github.com/marketplace/actions/check-spelling) enabled that triggers on ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:26 | 回复:0
  • CVE-2021-38325
    CVE-2021-38325
    The User Activation Email WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the uae-key parameter found in the ~/user-activation-email.php file which allows attackers to inject arbi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:22 | 回复:0
  • CVE-2021-38324
    CVE-2021-38324
    The SP Rental Manager WordPress plugin is vulnerable to SQL Injection via the orderby parameter found in the ~/user/shortcodes.php file which allows attackers to retrieve information contained in a si ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:23 | 回复:0
  • CVE-2021-38323
    CVE-2021-38323
    The RentPress WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the selections parameter found in the ~/src/rentPress/AjaxRequests.php file which allows attackers to inject arbitrar ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:16 | 回复:0
  • CVE-2021-38322
    CVE-2021-38322
    The Twitter Friends Widget WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the pmc_TF_user and pmc_TF_password parameter found in the ~/twitter-friends-widget.php file which allow ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:13 | 回复:0
  • CVE-2021-38321
    CVE-2021-38321
    The Custom Menu Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the selected_menu parameter found in the ~/custom-menus.php file which allows attackers to inject arbitrary ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:20 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap