漏洞 - 第703页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-21820

A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to code execution. An attacker can send ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-21819

A code execution vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to arbitrary command execution. An attacker ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-21818

A hard-coded password vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to a denial of service. An attacker ca ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-21817

An information disclosure vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive inf ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-21816

An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attac ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-21804

A local file inclusion (LFI) vulnerability exists in the options.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary PHP code e ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-21803

This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to ar ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-21802

This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to ar ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-21801

This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to ar ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-21800

Cross-site scripting vulnerabilities exist in the ssh_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary Java ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-21799

Cross-site scripting vulnerabilities exist in the telnet_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary J ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-36758

1Password Connect server before 1.2 is missing validation checks, permitting users to create Secrets Automation access tokens that can be used to perform privilege escalation. Malicious users authoriz ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-36755

Nightscout Web Monitor (aka cgm-remote-monitor) 14.2.2 allows XSS via a crafted X-Forwarded-For header.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：36 | 回复：0
CVE漏洞

CVE-2020-23707

A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_progressive() at ok_jpg.c:1054 of ok-file-formats through 2020-06-26 allows attackers to cause a Denial of Service (DOS) ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：34 | 回复：0
CVE漏洞

CVE-2020-23706

A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_subsequent_scan() ok_jpg.c:1102 of ok-file-formats through 2020-06-26 allows attackers to cause a Denial of Service (DOS) ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：18 | 回复：0
CVE漏洞

CVE-2020-23705

A global buffer overflow vulnerability in jfif_encode at jfif.c:701 of ffjpeg through 2020-06-22 allows attackers to cause a Denial of Service (DOS) via a crafted jpeg file.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-32764

Discourse is an open-source discussion platform. In Discourse versions 2.7.5 and prior, parsing and rendering of YouTube Oneboxes can be susceptible to XSS attacks. This vulnerability only affects sit ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-36753

sharkdp BAT before 0.18.2 executes less.exe from the current working directory.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-0295

A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks Junos OS on the QFX10K Series switches allows an attacker to trigger a packet forwarding loop, leading to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-0294

A vulnerability in Juniper Networks Junos OS, which only affects the release 18.4R2-S5, where a function is inconsistently implemented on Juniper Networks Junos QFX5000 Series and EX4600 Series, and i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-0293

A vulnerability in Juniper Networks Junos OS caused by Missing Release of Memory after Effective Lifetime leads to a memory leak each time the CLI command 'show system connections extensive' i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-0292

An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local n ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-0291

An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthen ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-0290

Improper Handling of Exceptional Conditions in Ethernet interface frame processing of Juniper Networks Junos OS allows an attacker to send specially crafted frames over the local Ethernet segment, cau ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-0289

When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Co ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-0288

A vulnerability in the processing of specific MPLS packets in Juniper Networks Junos OS on MX Series and EX9200 Series devices with Trio-based MPCs (Modular Port Concentrators) may cause FPC to crash ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-0287

In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices, configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-0286

A vulnerability in the handling of exceptional conditions in Juniper Networks Junos OS Evolved (EVO) allows an attacker to send specially crafted packets to the device, causing the Advanced Forwarding ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-0285

An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series switches allows an attacker sending large amounts of legitimate traffic destined to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-0283

A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS). By re ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-37621

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinit ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-37620

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The ou ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-37619

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The ou ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-37618

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The ou ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-37616

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. T ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：19 | 回复：0
CVE漏洞

CVE-2018-17865

** UNSUPPORTED WHEN ASSIGNED ** A cross-site scripting (XSS) vulnerability in SAP J2EE Engine 7.01 allows remote attackers to inject arbitrary web script via the wsdlPath parameter to /ctcprotocol/Pro ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：31 | 回复：0
CVE漏洞

CVE-2018-17862

** UNSUPPORTED WHEN ASSIGNED ** A cross-site scripting (XSS) vulnerability in SAP J2EE Engine/7.01/Fiori allows remote attackers to inject arbitrary web script via the sys_jdbc parameter to /TestJDBC_ ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：40 | 回复：0
CVE漏洞

CVE-2018-17861

** UNSUPPORTED WHEN ASSIGNED ** A cross-site scripting (XSS) vulnerability in SAP J2EE Engine/7.01/Portal/EPP allows remote attackers to inject arbitrary web script via the wsdlLib parameter to /ctcpr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：14 | 回复：0
CVE漏洞

CVE-2015-7731

SAP Mobile Platform 3.0 SP05 ClientHub allows attackers to obtain the keystream and other sensitive information via the DataVault, aka SAP Security Note 2094830.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：20 | 回复：0
CVE漏洞

CVE-2015-2074

The File Repository Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to write to arbitrary files via a full pathname, aka SAP Note 2018681.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：19 | 回复：0