• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2021-38305
    CVE漏洞
    CVE-2021-38305
    23andMe Yamale before 3.0.8 allows remote attackers to execute arbitrary code via a crafted schema file. The schema parser uses eval as part of its processing, and tries to protect from malicious expr ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:28 | 阅读:15 | 回复:0
  • CVE-2021-36277
    CVE漏洞
    CVE-2021-36277
    Dell Command Update, Dell Update, and Alienware Update versions prior to 4.3 contains a Improper Certificate Verification vulnerability. A local authenticated malicious user could exploit this vulnera ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:28 | 阅读:13 | 回复:0
  • CVE-2021-36276
    CVE漏洞
    CVE-2021-36276
    Dell DBUtilDrv2.sys driver (versions 2.5 and 2.6) contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:28 | 阅读:8 | 回复:0
  • CVE-2021-32798
    CVE漏洞
    CVE-2021-32798
    The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Goog ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:28 | 阅读:12 | 回复:0
  • CVE-2021-32797
    CVE漏洞
    CVE-2021-32797
    JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook. In affected versions untrusted notebook can execute code on load. In particular JupyterLa ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:28 | 阅读:25 | 回复:0
  • CVE-2021-21596
    CVE漏洞
    CVE-2021-21596
    Dell OpenManage Enterprise versions 3.4 through 3.6.1 and Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00, contain a remote code execution vulnerability. A malicious attacker with ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:28 | 阅读:28 | 回复:0
  • CVE-2021-21585
    CVE漏洞
    CVE-2021-21585
    Dell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools. A remote authenticated malicious user with high privileges may potentially ex ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:28 | 阅读:30 | 回复:0
  • CVE-2021-21584
    CVE漏洞
    CVE-2021-21584
    Dell OpenManage Enterprise version 3.5 and OpenManage Enterprise-Modular version 1.30.00 contain an information disclosure vulnerability. An authenticated low privileged attacker may potentially explo ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:28 | 阅读:12 | 回复:0
  • CVE-2021-21564
    CVE漏洞
    CVE-2021-21564
    Dell OpenManage Enterprise versions prior to 3.6.1 contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to hijack an elevated ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:28 | 阅读:19 | 回复:0
  • CVE-2021-37634
    CVE漏洞
    CVE-2021-37634
    Leafkit is a templating language with Swift-inspired syntax. Versions prior to 1.3.0 are susceptible to Cross-site Scripting (XSS) attacks. This affects anyone passing unsanitised data to Leaf's v ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:28 | 阅读:23 | 回复:0
  • CVE-2021-37633
    CVE漏洞
    CVE-2021-37633
    Discourse is an open source discussion platform. In versions prior to 2.7.8 rendering of d-popover tooltips can be susceptible to XSS attacks. This vulnerability only affects sites which have modified ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:28 | 阅读:16 | 回复:0
  • CVE-2021-37615
    CVE漏洞
    CVE-2021-37615
    Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. T ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:28 | 阅读:29 | 回复:0
  • CVE-2021-34335
    CVE漏洞
    CVE-2021-34335
    Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A floating point exception (FPE) due to an integer divide by zero was found i ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:28 | 阅读:29 | 回复:0
  • CVE-2021-37622
    CVE漏洞
    CVE-2021-37622
    Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinit ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:28 | 阅读:18 | 回复:0
  • CVE-2020-29503
    CVE漏洞
    CVE-2020-29503
    Dell EMC PowerStore versions prior to 1.0.3.0.5.xxx contain a file permission Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the information d ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:11 | 回复:0
  • CVE-2020-29499
    CVE漏洞
    CVE-2020-29499
    Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Command Injection vulnerability in PowerStore X environment . A locally authenticated attacker could potentially exploit this vulnerab ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:13 | 回复:0
  • CVE-2021-3135
    CVE漏洞
    CVE-2021-3135
    An issue was discovered in the tagDiv Newspaper theme 10.3.9.1 for WordPress. It allows XSS via the wp-admin/admin-ajax.php td_block_id parameter in a td_ajax_block API call.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:15 | 回复:0
  • CVE-2021-32760
    CVE漏洞
    CVE-2021-32760
    containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission c ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:11 | 回复:0
  • CVE-2021-34618
    CVE漏洞
    CVE-2021-34618
    A remote denial of service (DoS) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5 ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:10 | 回复:0
  • CVE-2021-34617
    CVE漏洞
    CVE-2021-34617
    A remote cross-site scripting (XSS) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.13 and below; Aruba Instant 6.5.x: ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:9 | 回复:0
  • CVE-2021-31590
    CVE漏洞
    CVE-2021-31590
    PwnDoc all versions until 0.4.0 (2021-08-23) has incorrect JSON Webtoken handling, leading to incorrect access control. With a valid JSON Webtoken that is used for authentication and authorization, a ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:9 | 回复:0
  • CVE-2020-22741
    CVE漏洞
    CVE-2020-22741
    An issue was discovered in Xuperchain 3.6.0 that allows for attackers to recover any arbitrary users' private key after obtaining the partial signature in multisignature.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:31 | 回复:0
  • CVE-2021-34821
    CVE漏洞
    CVE-2021-34821
    Cross Site Scripting (XSS) vulnerability exists in AAT Novus Management System through 1.51.2. The WebUI has wrong HTTP 404 error handling implemented. A remote, unauthenticated attacker may be able t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:13 | 回复:0
  • CVE-2021-34820
    CVE漏洞
    CVE-2021-34820
    Web Path Directory Traversal in the Novus HTTP Server. The Novus HTTP Server is affected by the Directory Traversal for Arbitrary File Access vulnerability. A remote, unauthenticated attacker using an ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:8 | 回复:0
  • CVE-2020-20249
    CVE漏洞
    CVE-2020-20249
    Mikrotik RouterOs before stable 6.47 suffers from a memory corruption vulnerability in the resolver process. By sending a crafted packet, an authenticated remote attacker can cause a Denial of Service ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:8 | 回复:0
  • CVE-2020-20248
    CVE漏洞
    CVE-2020-20248
    Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the memtest process. An authenticated remote attacker can cause a Denial of Service due to overloading the sys ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:13 | 回复:0
  • CVE-2021-36799
    CVE漏洞
    CVE-2021-36799
    ** UNSUPPORTED WHEN ASSIGNED ** KNX ETS5 through 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulne ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:57 | 回复:0
  • CVE-2021-36797
    CVE漏洞
    CVE-2021-36797
    ** DISPUTED ** In Victron Energy Venus OS through 2.72, root access is granted by default to anyone with physical access to the device. NOTE: the vendor disagrees with the reporter's opinion about ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:20 | 回复:0
  • CVE-2021-34676
    CVE漏洞
    CVE-2021-34676
    Basix NEX-Forms through 7.8.7 allows authentication bypass for Excel report generation.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:5 | 回复:0
  • CVE-2021-34675
    CVE漏洞
    CVE-2021-34675
    Basix NEX-Forms through 7.8.7 allows authentication bypass for stored PDF reports.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:14 | 回复:0
  • CVE-2020-36427
    CVE漏洞
    CVE-2020-36427
    GNOME gThumb before 3.10.1 allows an application crash via a malformed JPEG image.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:19 | 回复:0
  • CVE-2020-36426
    CVE漏洞
    CVE-2020-36426
    An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte).……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:10 | 回复:0
  • CVE-2020-36425
    CVE漏洞
    CVE-2020-36425
    An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can e ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:12 | 回复:0
  • CVE-2020-36424
    CVE漏洞
    CVE-2020-36424
    An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:7 | 回复:0
  • CVE-2020-36423
    CVE漏洞
    CVE-2020-36423
    An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext because a certain Lucky 13 countermeasure doesn't properly consider the case of a hardware accelerato ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:8 | 回复:0
  • CVE-2020-36422
    CVE漏洞
    CVE-2020-36422
    An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel allows recovery of an ECC private key, related to mbedtls_ecp_check_pub_priv, mbedtls_pk_parse_key, mbedtls_pk_parse_keyfile, mbed ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:12 | 回复:0
  • CVE-2020-36421
    CVE漏洞
    CVE-2020-36421
    An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a side channel in modular exponentiation, an RSA private key used in a secure enclave could be disclosed.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:24 | 回复:0
  • CVE-2020-22650
    CVE漏洞
    CVE-2020-22650
    A memory leak vulnerability in sim-organizer.c of AlienVault Ossim v5 causes a denial of service (DOS) via a system crash triggered by the occurrence of a large number of alarm events.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:20 | 回复:0
  • CVE-2020-20230
    CVE漏洞
    CVE-2020-20230
    Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the sshd process. An authenticated remote attacker can cause a Denial of Service due to overloading the system ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:15 | 回复:0
  • CVE-2021-29780
    CVE漏洞
    CVE-2021-29780
    IBM Resilient OnPrem v41.1 of IBM Security SOAR could allow an authenticated user to perform actions that they should not have access to due to improper input validation. IBM X-Force ID: 203085.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:27 | 阅读:15 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap