漏洞 - 第747页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2020-18671

Cross Site Scripting (XSS) vulnerability in Roundcube Mail =1.4.4 via smtp config in /installer/test.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：26 | 回复：0
CVE漏洞

CVE-2020-18670

Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-33004

The affected product is vulnerable to memory corruption condition due to lack of proper validation of user supplied files, which may allow an attacker to execute arbitrary code. User interaction is re ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-33002

Opening a maliciously crafted project file may cause an out-of-bounds write, which may allow an attacker to execute arbitrary code. User interaction is require on the WebAccess HMI Designer (versions ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-33000

Parsing a maliciously crafted project file may cause a heap-based buffer overflow, which may allow an attacker to perform arbitrary code execution. User interaction is required on the WebAccess HMI De ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-18668

Cross Site Scripting (XSS) vulnerabililty in WebPort =1.19.1 via the description parameter to script/listcalls.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-32708

Flysystem is an open source file storage library for PHP. The whitespace normalisation using in 1.x and 2.x removes any unicode whitespace. Under certain specific conditions this could potentially all ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-21574

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary cod ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-21573

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary cod ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-21572

Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary cod ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-21571

Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature contains an improper certificate validation vulnerability. A remote unauthenticated attacker may exploi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：6 | 回复：0
CVE漏洞

CVE-2020-18667

SQL Injection vulnerability in WebPort =1.19.1 via the new connection, parameter name in type-conn.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-33346

There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product. An attacker can use this vulnerability to modify the password of the admin user without authorization.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-32704

DHIS 2 is an information system for data capture, management, validation, analytics and visualization. A SQL injection security vulnerability has been found in specific versions of DHIS2. This vulnera ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-31649

In applications using jfinal 4.9.08 and below, there is a deserialization vulnerability when using redis,may be vulnerable to remote code execute……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：15 | 回复：0
CVE漏洞

CVE-2020-21786

In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /system/modules/dashboard/controllers/CronController.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：7 | 回复：0
CVE漏洞

CVE-2020-21785

In IBOS 4.5.4 Open, the database backup has Command Injection Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：13 | 回复：0
CVE漏洞

CVE-2020-21784

phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setup.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：10 | 回复：0
CVE漏洞

CVE-2020-21783

In IBOS 4.5.4 the email function has a cross site scripting (XSS) vulnerability in emailbody parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：10 | 回复：0
CVE漏洞

CVE-2020-18666

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-18664. Reason: This candidate is a duplicate of CVE-2020-18664. Notes: All CVE users should reference CVE-2020-18664 instead of this ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：9 | 回复：0
CVE漏洞

CVE-2020-18665

Directory Traversal vulnerability in WebPort =1.19.1 in tags of system settings.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：16 | 回复：0
CVE漏洞

CVE-2020-18664

Cross Site Scripting (XSS) vulnerability in WebPort =1.19.1via the connection name parameter in type-conn.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：14 | 回复：0
CVE漏洞

CVE-2020-18663

Cross Site Scripting (XSS) vulnerability in gnuboard5 =v5.3.2.8 via the act parameter in bbs/move_update.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：13 | 回复：0
CVE漏洞

CVE-2020-18662

SQL Injection vulnerability in gnuboard5 =v5.3.2.8 via the table_prefix parameter in install_db.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-33348

An issue was discovered in JFinal framework v4.9.10 and below. The set method of the Controller class of jfinal framework is not strictly filtered, which will lead to XSS vulnerabilities in some cases ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-23398

All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting (XSS) via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：16 | 回复：0
CVE漏洞

CVE-2020-21788

In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side Request Forgery). The vulnerable code is in file /crmeb/app/admin/controller/store/CopyTaobao.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：25 | 回复：0
CVE漏洞

CVE-2020-21787

CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：10 | 回复：0
CVE漏洞

CVE-2020-18661

Cross Site Scripting (XSS) vulnerability in gnuboard5 =v5.3.2.8 via the url parameter to bbs/login.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:52 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-29968

When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affe ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-29967

Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-29966

Mozilla developers reported memory safety bugs present in Firefox 88. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been explo ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-29965

A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in password manager to suggest passwords for the currently active website instead of the website that ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-29964

A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operati ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-29963

Address bar search suggestions in private browsing mode were re-using session data from normal mode. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerab ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-29962

Firefox for Android would become unstable and hard-to-recover when a website opened too many popups. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerab ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-29961

When styling and rendering an oversized `select` element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox 89.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-29960

Firefox used to cache the last filename used for printing a file. When generating a filename for printing, Firefox usually suggests the web page title. The caching and suggestion techniques combined m ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-29959

When a user has already allowed a website to access microphone and camera, disabling camera sharing would not fully prevent the website from re-enabling it without an additional prompt. This was only ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-29958

When a download was initiated, the client did not check whether it was in normal or private browsing mode, which led to private mode cookies being shared in normal browsing mode. This vulnerability af ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：28 | 回复：0