漏洞 - 第739页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-32730

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A cross-site request forgery vulnerability exists in versions prior to 12.10.5, and in versions ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-32729

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A vulnerability exists in versions prior to 12.6.88, 12.10.4, and 13.0. The script service meth ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：12 | 回复：0
CVE漏洞

CVE-2020-4935

IBM Datacap Fastdoc Capture (IBM Datacap Navigator 9.1.7 ) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the int ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：9 | 回复：0
CVE漏洞

CVE-2020-4902

IBM Datacap Taskmaster Capture (IBM Datacap Navigator 9.1.7) is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：12 | 回复：0
CVE漏洞

CVE-2020-27362

An issue exists within the SSH console of Akkadian Provisioning Manager 4.50.02 which allows a low-level privileged user to escape the web configuration file editor and escalate privileges.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：7 | 回复：0
CVE漏洞

CVE-2020-27361

An issue exists within Akkadian Provisioning Manager 4.50.02 which allows attackers to view sensitive information within the /pme subdirectories.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-28424

A stored cross-site scripting (XSS) vulnerability in Teachers Record Management System 1.0 allows remote authenticated users to inject arbitrary web script or HTML via the 'email' POST paramet ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-28423

Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 allow remote authenticated users to execute arbitrary SQL commands via the 'editid' GET parameter in edit-subjec ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-28127

An issue was discovered in Stormshield SNS through 4.2.1. A brute-force attack can occur.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-35337

Sourcecodester Phone Shop Sales Managements System 1.0 is vulnerable to Insecure Direct Object Reference (IDOR). Any attacker will be able to see the invoices of different users by changing the id par ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-27661

Successful exploitation of this vulnerability could give an authenticated Facility Explorer SNC Series Supervisory Controller (F4-SNC) user an unintended level of access to the controller’s file syst ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-27660

An insecure client auto update feature in C-CURE 9000 can allow remote execution of lower privileged Windows programs.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-35336

Tieline IP Audio Gateway 2.6.4.8 and below is affected by Incorrect Access Control. A vulnerability in the Tieline Web Administrative Interface could allow an unauthenticated user to access a sensitiv ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-27477

When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE- ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-31813

Zoho ManageEngine Applications Manager before 15130 is vulnerable to Stored XSS while importing malicious user details (e.g., a crafted user name) from AD.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-22344

There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause temporary DoS.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-22343

There is a Configuration Defect vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：8 | 回复：0
CVE漏洞

CVE-2020-9158

There is a Missing Cryptographic Step vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS of Samgr.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-22347

There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause temporary DoS.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-20778

Improper access control vulnerability in EC-CUBE 4.0.6 (EC-CUBE 4 series) allows a remote attacker to bypass access restriction and obtain sensitive information via unspecified vectors.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：4 | 回复：0
CVE漏洞

CVE-2021-20752

Cross-site scripting vulnerability in IkaIka RSS Reader all versions allows a remote attacker to inject an arbitrary script via unspecified vectors.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:21 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-36089

Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::apply_palette_clr (called from grk::FileFormatDecompress::applyColour).……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：66 | 回复：0
CVE漏洞

CVE-2021-36088

Fluent Bit (aka fluent-bit) 1.7.0 through 1.7,4 has a double free in flb_free (called from flb_parser_json_do and flb_parser_do).……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：63 | 回复：0
CVE漏洞

CVE-2021-36087

The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invali ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：61 | 回复：0
CVE漏洞

CVE-2021-36086

The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：48 | 回复：0
CVE漏洞

CVE-2021-36085

The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：53 | 回复：0
CVE漏洞

CVE-2021-36084

The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：61 | 回复：0
CVE漏洞

CVE-2021-36083

KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-36082

ntop nDPI 3.4 has a stack-based buffer overflow in processClientServerHello.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：37 | 回复：0
CVE漏洞

CVE-2021-36081

Tesseract OCR 5.0.0-alpha-20201231 has a one_ell_conflict use-after-free during a strpbrk call.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：52 | 回复：0
CVE漏洞

CVE-2021-36080

GNU LibreDWG 0.12.3.4163 through 0.12.3.4191 has a double-free in bit_chain_free (called from dwg_encode_MTEXT and dwg_encode_add_object).……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：46 | 回复：0
CVE漏洞

CVE-2020-36407

libavif 0.8.0 and 0.8.1 has an out-of-bounds write in avifDecoderDataFillImageGrid.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：39 | 回复：0
CVE漏洞

CVE-2020-36406

** DISPUTED ** uWebSockets 18.11.0 and 18.12.0 has a stack-based buffer overflow in uWS::TopicTree::trimTree (called from uWS::TopicTree::unsubscribeAll). NOTE: the vendor's position is that this ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-36405

Keystone Engine 0.9.2 has a use-after-free in llvm_ks::X86Operand::getToken.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：41 | 回复：0
CVE漏洞

CVE-2020-36404

Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImplllvm_ks::MCFixup::~SmallVectorImpl.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：32 | 回复：0
CVE漏洞

CVE-2020-36403

HTSlib 1.10 through 1.10.2 allows out-of-bounds write access in vcf_parse_format (called from vcf_parse and vcf_read).……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：34 | 回复：0
CVE漏洞

CVE-2020-36402

Solidity 0.7.5 has a stack-use-after-return issue in smtutil::CHCSmtLib2Interface::querySolver. NOTE: c39a5e2b7a3fabbf687f53a2823fc087be6c1a7e is cited in the OSV fixed field but does not have a code ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：31 | 回复：0
CVE漏洞

CVE-2020-36401

mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free).……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：37 | 回复：0
CVE漏洞

CVE-2020-36400

ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, a different vulnerability than CVE-2021-20235.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：51 | 回复：0
CVE漏洞

CVE-2019-25049

LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx).……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：43 | 回复：0