• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2021-36702
    CVE漏洞
    CVE-2021-36702
    The content field in the regular post page of the add content menu under dashboard in htmly 2.8.1 has a storage cross site scripting (XSS) vulnerability. It allows remote attackers to send authenticat ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:16 | 回复:0
  • CVE-2021-36701
    CVE漏洞
    CVE-2021-36701
    In htmly version 2.8.1, is vulnerable to an Arbitrary File Deletion on the local host when delete backup files. The vulnerability may allow a remote attacker to delete arbitrary know files on the host ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:25 | 回复:0
  • CVE-2021-36543
    CVE漏洞
    CVE-2021-36543
    Cross-Site Request Forgery (CSRF) vulnerability in the /op/op.UnlockDocument.php in SeedDMS v5.1.x 5.1.23 and v6.0.x 6.0.16 allows a remote attacker to unlock any document without victim's knowled ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:18 | 回复:0
  • CVE-2021-36542
    CVE漏洞
    CVE-2021-36542
    Cross-Site Request Forgery (CSRF) vulnerability in the /op/op.LockDocument.php in SeedDMS v5.1.x5.1.23 and v6.0.x 6.0.16 allows a remote attacker to lock any document without victim's knowledge, b ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:17 | 回复:0
  • CVE-2021-35343
    CVE漏洞
    CVE-2021-35343
    Cross-Site Request Forgery (CSRF) vulnerability in the /op/op.Ajax.php in SeedDMS v5.1.x5.1.23 and v6.0.x6.0.16 allows a remote attacker to edit document name without victim's knowledge, by entici ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:21 | 回复:0
  • CVE-2021-33330
    CVE漏洞
    CVE-2021-33330
    Liferay Portal 7.2.0 through 7.3.2, and Liferay DXP 7.2 before fix pack 9, allows access to Cross-origin resource sharing (CORS) protected resources if the user is only authenticated using the portal ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:17 | 回复:0
  • CVE-2021-33328
    CVE漏洞
    CVE-2021-33328
    Cross-site scripting (XSS) vulnerability in the Asset module's edit vocabulary page in Liferay Portal 7.0.0 through 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 b ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:13 | 回复:0
  • CVE-2021-33327
    CVE漏洞
    CVE-2021-33327
    The Portlet Configuration module in Liferay Portal 7.2.0 through 7.3.3, and Liferay DXP 7.0 fix pack pack 93 and 94, 7.1 fix pack 18, and 7.2 before fix pack 8, does not properly check user permission ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:25 | 回复:0
  • CVE-2021-33326
    CVE漏洞
    CVE-2021-33326
    Cross-site scripting (XSS) vulnerability in the Frontend JS module in Liferay Portal 7.3.4 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20 and 7.2 before fix pack 9, allows ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:18 | 回复:0
  • CVE-2021-33325
    CVE漏洞
    CVE-2021-33325
    The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack 93, 7.1 before fix pack 19, and 7.2 before fix pack 7, user's clear text passwords are stored in ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:22 | 回复:0
  • CVE-2021-33324
    CVE漏洞
    CVE-2021-33324
    The Layout module in Liferay Portal 7.1.0 through 7.3.1, and Liferay DXP 7.1 before fix pack 20, and 7.2 before fix pack 5, does not properly check permission of pages, which allows remote authenticat ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:23 | 回复:0
  • CVE-2021-33323
    CVE漏洞
    CVE-2021-33323
    The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.3.2, and Liferay DXP 7.1 before fix pack 19, and 7.2 before fix pack 7, autosaves form values for unauthenticated users, which allows ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:14 | 回复:0
  • CVE-2021-33322
    CVE漏洞
    CVE-2021-33322
    In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 18, and 7.2 before fix pack 5, password reset tokens are not invalidated after a user changes their pas ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:19 | 回复:0
  • CVE-2021-33321
    CVE漏洞
    CVE-2021-33321
    Insecure default configuration in Liferay Portal 6.2.3 through 7.3.2, and Liferay DXP before 7.3, allows remote attackers to enumerate user email address via the forgot password functionality. The por ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:14 | 回复:0
  • CVE-2021-33320
    CVE漏洞
    CVE-2021-33320
    The Flags module in Liferay Portal 7.3.1 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 5, does not limit the rate at which content can be flagged ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:32 | 回复:0
  • CVE-2021-32804
    CVE漏洞
    CVE-2021-32804
    The npm package tar (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:17 | 回复:0
  • CVE-2021-32803
    CVE漏洞
    CVE-2021-32803
    The npm package tar (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. `node-tar` aims to guaran ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:15 | 回复:0
  • CVE-2021-30564
    CVE漏洞
    CVE-2021-30564
    Heap buffer overflow in WebXR in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:12 | 回复:0
  • CVE-2021-30563
    CVE漏洞
    CVE-2021-30563
    Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:10 | 回复:0
  • CVE-2021-30562
    CVE漏洞
    CVE-2021-30562
    Use after free in WebSerial in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:28 | 回复:0
  • CVE-2021-30561
    CVE漏洞
    CVE-2021-30561
    Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:29 | 回复:0
  • CVE-2021-30560
    CVE漏洞
    CVE-2021-30560
    Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:47 | 回复:0
  • CVE-2021-30559
    CVE漏洞
    CVE-2021-30559
    Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:15 | 回复:0
  • CVE-2021-30541
    CVE漏洞
    CVE-2021-30541
    Use after free in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:15 | 回复:0
  • CVE-2021-36654
    CVE漏洞
    CVE-2021-36654
    CMSuno 1.7 is vulnerable to an authenticated stored cross site scripting in modifying the filename parameter (tgo) while updating the theme.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:5 | 回复:0
  • CVE-2021-36623
    CVE漏洞
    CVE-2021-36623
    Arbitrary File Upload in Sourcecodester Phone Shop Sales Management System 1.0 enables RCE.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:5 | 回复:0
  • CVE-2021-36622
    CVE漏洞
    CVE-2021-36622
    Sourcecodester Online Covid Vaccination Scheduler System 1.0 is affected vulnerable to Arbitrary File Upload. The admin panel has an upload function of profile photo accessible at http://localhost/sch ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:12 | 回复:0
  • CVE-2021-32018
    CVE漏洞
    CVE-2021-32018
    An issue was discovered in JUMP AMS 3.6.0.04.009-2487. The JUMP SOAP API was vulnerable to arbitrary file reading due to an improper limitation of file loading on the server filesystem, aka directory ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:17 | 回复:0
  • CVE-2021-32016
    CVE漏洞
    CVE-2021-32016
    An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the writing of arbitrary files to a user-controlled location on the remote filesystem (with user-controlled conten ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:18 | 回复:0
  • CVE-2021-27942
    CVE漏洞
    CVE-2021-27942
    Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs allow a threat actor to execute arbitrary code from a USB drive via the Smart Cast functionality, because files on the USB drive are effective ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:25 | 阅读:13 | 回复:0
  • CVE-2021-34330
    CVE漏洞
    CVE-2021-34330
    A vulnerability has been identified in JT2Go (All versions V13.2), Teamcenter Visualization (All versions V13.2). The Jt981.dll library in affected applications lacks proper validation of user-suppl ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:24 | 阅读:40 | 回复:0
  • CVE-2021-34329
    CVE漏洞
    CVE-2021-34329
    A vulnerability has been identified in JT2Go (All versions V13.2), Solid Edge SE2021 (All Versions SE2021MP5), Teamcenter Visualization (All versions V13.2). The plmxmlAdapterSE70.dll library in af ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:24 | 阅读:43 | 回复:0
  • CVE-2021-34328
    CVE漏洞
    CVE-2021-34328
    A vulnerability has been identified in JT2Go (All versions V13.2), Solid Edge SE2021 (All Versions SE2021MP5), Teamcenter Visualization (All versions V13.2). The plmxmlAdapterSE70.dll library in af ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:24 | 阅读:35 | 回复:0
  • CVE-2021-34327
    CVE漏洞
    CVE-2021-34327
    A vulnerability has been identified in JT2Go (All versions V13.2), Solid Edge SE2021 (All Versions SE2021MP5), Teamcenter Visualization (All versions V13.2). The plmxmlAdapterSE70.dll library in af ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:24 | 阅读:28 | 回复:0
  • CVE-2021-34326
    CVE漏洞
    CVE-2021-34326
    A vulnerability has been identified in JT2Go (All versions V13.2), Solid Edge SE2021 (All Versions SE2021MP5), Teamcenter Visualization (All versions V13.2). The plmxmlAdapterSE70.dll library in af ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:24 | 阅读:24 | 回复:0
  • CVE-2021-34325
    CVE漏洞
    CVE-2021-34325
    A vulnerability has been identified in JT2Go (All versions V13.2), Teamcenter Visualization (All versions V13.2). The Jt981.dll library in affected applications lacks proper validation of user-suppl ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:24 | 阅读:19 | 回复:0
  • CVE-2021-34324
    CVE漏洞
    CVE-2021-34324
    A vulnerability has been identified in JT2Go (All versions V13.2), Teamcenter Visualization (All versions V13.2). The Jt981.dll library in affected applications lacks proper validation of user-suppl ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:24 | 阅读:31 | 回复:0
  • CVE-2021-34323
    CVE漏洞
    CVE-2021-34323
    A vulnerability has been identified in JT2Go (All versions V13.2), Teamcenter Visualization (All versions V13.2). The Jt981.dll library in affected applications lacks proper validation of user-suppl ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:24 | 阅读:33 | 回复:0
  • CVE-2021-34322
    CVE漏洞
    CVE-2021-34322
    A vulnerability has been identified in JT2Go (All versions V13.2), Teamcenter Visualization (All versions V13.2). The JPEG2K_Loader.dll library in affected applications lacks proper validation of us ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:24 | 阅读:27 | 回复:0
  • CVE-2021-34321
    CVE漏洞
    CVE-2021-34321
    A vulnerability has been identified in JT2Go (All versions V13.2), Teamcenter Visualization (All versions V13.2). The VisDraw.dll library in affected applications lacks proper validation of user-sup ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:24 | 阅读:24 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap