漏洞 - 第717页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-21994

SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentic ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：47 | 回复：0
CVE漏洞

CVE-2021-36214

LINE client for iOS before 10.16.3 allows cross site script with specific header in WebView.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-31217

In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-20252

Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL point ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-34552

Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-20424

IBM Cloud Pak for Applications 4.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in f ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-20423

IBM Cloud Pak for Applications 4.3 could allow an authenticated user gain escalated privilesges due to improper application permissions. IBM X-Force ID: 196308.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-20422

IBM Cloud Pak for Applications 4.3 could disclose sensitive information to a malicious attacker by accessing data stored in memory. IBM X-Force ID: 196304.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-20369

IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195361.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-20368

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-20366

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-20365

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-20364

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-20363

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-20362

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-20361

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：40 | 回复：0
CVE漏洞

CVE-2021-20360

IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195031.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：39 | 回复：0
CVE漏洞

CVE-2020-22907

Stack overflow vulnerability in function jsi_evalcode_sub in jsish before 3.0.18, allows remote attackers to cause a Denial of Service via a crafted value to the execute parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：23 | 回复：0
CVE漏洞

CVE-2020-22886

Buffer overflow vulnerability in function jsG_markobject in jsgc.c in mujs before 1.0.8, allows remote attackers to cause a denial of service.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：44 | 回复：0
CVE漏洞

CVE-2020-22885

Buffer overflow vulnerability in mujs before 1.0.8 due to recursion in the GC scanning phase, allows remote attackers to cause a denial of service.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-22884

Buffer overflow vulnerability in function jsvGetStringChars in Espruino before RELEASE_2V09, allows remote attackers to execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：29 | 回复：0
CVE漏洞

CVE-2020-22882

Issue was discovered in the fxParserTree function in moddable, allows attackers to cause denial of service via a crafted payload. Fixed in commit 723816ab9b52f807180c99fc69c7d08cf6c6bd61.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：27 | 回复：0
CVE漏洞

CVE-2020-22876

Buffer Overflow vulnerability in quickjs.c in QuickJS, allows remote attackers to cause denial of service. This issue is resolved in the 2020-07-05 release.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：41 | 回复：0
CVE漏洞

CVE-2020-22875

Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6, allows remote attackers to execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：41 | 回复：0
CVE漏洞

CVE-2020-22874

Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish before 3.0.8, allows remote attackers to execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：38 | 回复：0
CVE漏洞

CVE-2020-22873

Buffer overflow vulnerability in function NumberToPrecisionCmd in jsish before 3.0.7, allows remote attackers to execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-36124

An issue was discovered in Echo ShareCare 8.15.5. It does not perform authentication or authorization checks when accessing a subset of sensitive resources, leading to the ability for unauthenticated ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-36123

An issue was discovered in Echo ShareCare 8.15.5. The TextReader feature in General/TextReader/TextReader.cfm is susceptible to a local file inclusion vulnerability when processing remote input in the ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-36122

An issue was discovered in Echo ShareCare 8.15.5. The UnzipFile feature in Access/EligFeedParse_Sup/UnzipFile_Upd.cfm is susceptible to a command argument injection vulnerability when processing remot ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-36121

An issue was discovered in Echo ShareCare 8.15.5. The file-upload feature in Access/DownloadFeed_Mnt/FileUpload_Upd.cfm is susceptible to an unrestricted upload vulnerability via the name1 parameter, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-35957

Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs (in %WINDIR%\system32) wit ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：63 | 回复：0
CVE漏洞

CVE-2021-33578

Echo ShareCare 8.15.5 is susceptible to SQL injection vulnerabilities when processing remote input from both authenticated and unauthenticated users, leading to the ability to bypass authentication, e ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-31224

SES Evolution before 2.1.0 allows duplicating an existing security policy by leveraging access of a user having read-only access to security policies.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-31223

SES Evolution before 2.1.0 allows reading some parts of a security policy by leveraging access to a computer having the administration console installed.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-31222

SES Evolution before 2.1.0 allows updating some parts of a security policy by leveraging access to a computer having the administration console installed.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-31221

SES Evolution before 2.1.0 allows deleting some parts of a security policy by leveraging access to a computer having the administration console installed.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-31220

SES Evolution before 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-20593

Incorrect Implementation of Authentication Algorithm in Mitsubishi Electric Air Conditioning System/Centralized Controllers (G-50A Ver.2.50 to Ver. 3.35, GB-50A Ver.2.50 to Ver. 3.35, AG-150A-A Ver.3. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-36376

dandavison delta before 0.8.3 on Windows resolves an executable's pathname as a relative path from the current directory.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-31810

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:25 | 阅读：23 | 回复：0