漏洞 - 第749页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-25650

** UNSUPPORTED WHEN ASSIGNED ** A privilege escalation vulnerability was discovered in Avaya Aura Utility Services that may potentially allow a local user to execute specially crafted scripts as a pri ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-25649

** UNSUPPORTED WHEN ASSIGNED ** An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Utility Services. This vulnerability may potentially allow any ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-28800

A command injection vulnerability has been reported to affect QNAP NAS running legacy versions of QTS. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-35041

The blockchain node in FISCO-BCOS V2.7.2 may have a bug when dealing with unformatted packet and lead to a crash. A malicious node can send a packet continuously. The packet is in an incorrect format ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-32823

In the bindata RubyGem before version 2.4.10 there is a potential denial-of-service vulnerability. In affected versions it is very slow for certain classes in BinData to be created. For example BinDat ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-2322

Vulnerability in OpenGrok (component: Web App). Versions that are affected are 1.6.7 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to comprom ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-34071

Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-34070

Out-of-bounds Read in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-34069

Divide-by-zero bug in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-34068

Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-34067

Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-21809

A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have admi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-20019

A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：19 | 回复：0
CVE漏洞

CVE-2020-18660

GetSimpleCMS =3.3.15 has an open redirect in admin/changedata.php via the redirect function to the url parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：18 | 回复：0
CVE漏洞

CVE-2020-23962

A cross site scripting (XSS) vulnerability in Catfish CMS 4.9.90 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the announcement_gonggao parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：22 | 回复：0
CVE漏洞

CVE-2020-18659

Cross Site Scripting vulnerability in GetSimpleCMS =3.3.15 via the (1) sitename, (2) username, and (3) email parameters to /admin/setup.php……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：19 | 回复：0
CVE漏洞

CVE-2020-18658

Cross Site Scriptiong (XSS) vulnerability in GetSimpleCMS =3.3.15 via the timezone parameter to settings.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：22 | 回复：0
CVE漏洞

CVE-2020-18657

Cross Site Scripting (XSS) vulnerability in GetSimpleCMS = 3.3.15 in admin/changedata.php via the redirect_url parameter and the headers_sent function.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-29620

Report portal is an open source reporting and analysis framework. Starting from version 3.1.0 of the service-api XML parsing was introduced. Unfortunately the XML parser was not configured properly to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-3526

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-33624

In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locat ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-35438

phpIPAM 1.4.3 allows Reflected XSS via app/dashboard/widgets/ipcalc-result.php and app/tools/ip-calculator/result.php of the IP calculator.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-25950

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：22 | 回复：0
CVE漏洞

CVE-2020-20392

SQL Injection vulnerability in imcat v5.2 via the fm parameters in coms/add_coms.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：12 | 回复：0
CVE漏洞

CVE-2020-20391

Cross Site Scripting vulnerability in GetSimpleCMS 3.4.0a in admin/snippets.php via (1) Add Snippet and (2) Save snippets.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：20 | 回复：0
CVE漏洞

CVE-2020-20389

Cross Site Scripting (XSS) vulnerability in GetSimpleCMS 3.4.0a in admin/edit.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：24 | 回复：0
CVE漏洞

CVE-2011-2926

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：19 | 回复：0
CVE漏洞

CVE-2011-1955

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：23 | 回复：0
CVE漏洞

CVE-2011-1942

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：40 | 回复：0
CVE漏洞

CVE-2011-1177

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：23 | 回复：0
CVE漏洞

CVE-2011-0023

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-28977

Cross Site Scripting vulnerability in GetSimpleCMS 3.3.16 in admin/upload.php by adding comments or jpg and other file header information to the content of xla, pages, and gzip files,……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-28976

Remote Code Execution vulnerability in GetSimpleCMS before 3.3.16 in admin/upload.php via phar filess.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-31586

Accellion Kiteworks before 7.4.0 allows an authenticated user to perform SQL Injection via LDAPGroup Search.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-31585

Accellion Kiteworks before 7.3.1 allows a user with Admin privileges to escalate their privileges by generating SSH passwords that allow local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-21999

VMware Tools for Windows (11.x.y prior to 11.2.6), VMware Remote Console for Windows (12.x prior to 12.0.1) , VMware App Volumes (2.x prior to 2.18.10 and 4 prior to 2103) contain a local privilege es ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-21998

VMware Carbon Black App Control 8.0, 8.1, 8.5 prior to 8.5.8, and 8.6 prior to 8.6.2 has an authentication bypass. A malicious actor with network access to the VMware Carbon Black App Control manageme ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-35210

Contao 4.5.x through 4.9.x before 4.9.16, and 4.10.x through 4.11.x before 4.11.5, allows XSS. It is possible to inject code into the tl_log table that will be executed in the browser when the system ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-29087

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attack ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-29086

Exposure of sensitive information to an unauthorized actor vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to obtain sensitive info ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：14 | 回复：0