• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2021-34387
    CVE漏洞
    CVE-2021-34387
    The ARM TrustZone Technology on which Trusty is based on contains a vulnerability in access permission settings where the portion of the DRAM reserved for TrustZone is identity-mapped by TLK with read ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:8 | 回复:0
  • CVE-2021-34386
    CVE漏洞
    CVE-2021-34386
    Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the calloc size calculation can cause the multiplication of count and size can overflow, which might lead to h ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:9 | 回复:0
  • CVE-2021-32698
    CVE漏洞
    CVE-2021-32698
    eLabFTW is an open source electronic lab notebook for research labs. This vulnerability allows an attacker to make GET requests on behalf of the server. It is blind because the attacker cannot see the ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:14 | 回复:0
  • CVE-2021-35066
    CVE漏洞
    CVE-2021-35066
    An XXE vulnerability exists in ConnectWise Automate before 2021.0.6.132.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:16 | 回复:0
  • CVE-2021-29063
    CVE漏洞
    CVE-2021-29063
    A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Mpmath v1.0.0 when the mpmathify function is called.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:14 | 回复:0
  • CVE-2021-29061
    CVE漏洞
    CVE-2021-29061
    A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Vfsjfilechooser2 version 0.2.9 and below which occurs when the application attempts to validate crafted URIs.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:8 | 回复:0
  • CVE-2021-24383
    CVE漏洞
    CVE-2021-24383
    The WP Google Maps WordPress plugin before 8.1.12 did not sanitise, validate of escape the Map Name when output in the Map List of the admin dashboard, leading to an authenticated Stored Cross-Site Sc ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:10 | 回复:0
  • CVE-2021-24379
    CVE漏洞
    CVE-2021-24379
    The Comments Like Dislike WordPress plugin before 1.1.4 allows users to like/dislike posted comments, however does not prevent them from replaying the AJAX request to add a like. This allows any user ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:6 | 回复:0
  • CVE-2021-24378
    CVE漏洞
    CVE-2021-24378
    The Autoptimize WordPress plugin before 2.7.8 does not check for malicious files such as .html in the archive uploaded via the 'Import Settings' feature. As a result, it is possible for a high ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:5 | 回复:0
  • CVE-2021-24377
    CVE漏洞
    CVE-2021-24377
    The Autoptimize WordPress plugin before 2.7.8 attempts to remove potential malicious files from the extracted archive uploaded via the 'Import Settings' feature, however this is not sufficient ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:5 | 回复:0
  • CVE-2021-24376
    CVE漏洞
    CVE-2021-24376
    The Autoptimize WordPress plugin before 2.7.8 attempts to delete malicious files (such as .php) form the uploaded archive via the Import Settings feature, after its extraction. However, the extracted ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:5 | 回复:0
  • CVE-2021-24374
    CVE漏洞
    CVE-2021-24374
    The Jetpack Carousel module of the JetPack WordPress plugin before 9.8 allows users to create a carousel type image gallery and allows users to comment on the images. A security vulnerability was foun ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:9 | 回复:0
  • CVE-2021-24373
    CVE漏洞
    CVE-2021-24373
    The WP Hardening – Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the historyvalue GET parameter before outputting it in a Javascript block, leading to a ref ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:14 | 回复:0
  • CVE-2021-24372
    CVE漏洞
    CVE-2021-24372
    The WP Hardening – Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the $_SERVER before outputting it in an attribute, leading to a reflected Cross-Site Script ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:5 | 回复:0
  • CVE-2021-24370
    CVE漏洞
    CVE-2021-24370
    The Fancy Product Designer WordPress plugin before 4.6.9 allows unauthenticated attackers to upload arbitrary files, resulting in remote code execution.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:15 | 回复:0
  • CVE-2021-24369
    CVE漏洞
    CVE-2021-24369
    In the GetPaid WordPress plugin before 2.3.4, users with the contributor role and above can create a new Payment Form, however the Label and Help Text input fields were not getting sanitized properly. ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:10 | 回复:0
  • CVE-2021-24367
    CVE漏洞
    CVE-2021-24367
    The WP Config File Editor WordPress plugin through 1.7.1 was affected by an Authenticated Stored Cross-Site Scripting (XSS) vulnerability.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:8 | 回复:0
  • CVE-2021-24366
    CVE漏洞
    CVE-2021-24366
    The Admin Columns Free WordPress plugin before 4.3 and Admin Columns Pro WordPress plugin before 5.5.1, rendered input on the posted pages with improper input validation on the value passed into the f ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:15 | 回复:0
  • CVE-2021-24364
    CVE漏洞
    CVE-2021-24364
    The Jannah WordPress theme before 5.4.4 did not properly sanitize the options JSON parameter in its tie_get_user_weather AJAX action before outputting it back in the page, leading to a Reflected Cross ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:14 | 回复:0
  • CVE-2021-24361
    CVE漏洞
    CVE-2021-24361
    In the Location Manager WordPress plugin before 2.1.0.10, the AJAX action gd_popular_location_list did not properly sanitise or validate some of its POST parameters, which are then used in a SQL state ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:12 | 回复:0
  • CVE-2021-24339
    CVE漏洞
    CVE-2021-24339
    The Pods – Custom Content Types and Fields WordPress plugin before 2.7.27 was vulnerable to an Authenticated Stored Cross-Site Scripting (XSS) security vulnerability within the 'Menu Label&#3 ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:11 | 回复:0
  • CVE-2021-24338
    CVE漏洞
    CVE-2021-24338
    The Pods – Custom Content Types and Fields WordPress plugin before 2.7.27 was vulnerable to an Authenticated Stored Cross-Site Scripting (XSS) security vulnerability within the 'Singular Labe ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:9 | 回复:0
  • CVE-2020-27511
    CVE漏洞
    CVE-2020-27511
    An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 where an attacker can cause a Regular Expression Denial of Service (ReDOS) through stripping crafted HTML tags.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:6 | 回复:0
  • CVE-2021-32697
    CVE漏洞
    CVE-2021-32697
    neos/forms is an open source framework to build web forms. By crafting a special `GET` request containing a valid form state, a form can be submitted without invoking any validators. Form state is sec ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:17 | 回复:0
  • CVE-2021-21422
    CVE漏洞
    CVE-2021-21422
    mongo-express is a web-based MongoDB admin interface, written with Node.js and express. 1: As mentioned in this issue: https://github.com/mongo-express/mongo-express/issues/577, when the content of a ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:12 | 回复:0
  • CVE-2020-19511
    CVE漏洞
    CVE-2020-19511
    Cross Site Scriptiong vulnerability in Typesetter 5.1 via the !1) className and !2) Description fields in index.php/Admin/Classes,……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:13 | 回复:0
  • CVE-2020-19510
    CVE漏洞
    CVE-2020-19510
    Textpattern 4.7.3 contains an aribtrary file load via the file_insert function in include/txp_file.php.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:14 | 回复:0
  • CVE-2021-26461
    CVE漏洞
    CVE-2021-26461
    Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resultin ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:18 | 回复:0
  • CVE-2021-0533
    CVE漏洞
    CVE-2021-0533
    In memory management driver, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User intera ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:16 | 回复:0
  • CVE-2021-0532
    CVE漏洞
    CVE-2021-0532
    In memory management driver, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User intera ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:10 | 回复:0
  • CVE-2021-0531
    CVE漏洞
    CVE-2021-0531
    In memory management driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User intera ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:13 | 回复:0
  • CVE-2021-0530
    CVE漏洞
    CVE-2021-0530
    In memory management driver, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User in ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:14 | 回复:0
  • CVE-2021-0529
    CVE漏洞
    CVE-2021-0529
    In memory management driver, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User intera ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:6 | 回复:0
  • CVE-2021-0528
    CVE漏洞
    CVE-2021-0528
    In memory management driver, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:13 | 回复:0
  • CVE-2021-0527
    CVE漏洞
    CVE-2021-0527
    In memory management driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User intera ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:10 | 回复:0
  • CVE-2021-0526
    CVE漏洞
    CVE-2021-0526
    In memory management driver, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User in ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:8 | 回复:0
  • CVE-2021-0525
    CVE漏洞
    CVE-2021-0525
    In memory management driver, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User inte ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:10 | 回复:0
  • CVE-2021-0523
    CVE漏洞
    CVE-2021-0523
    In onCreate of WifiScanModeActivity.java, there is a possible way to enable Wi-Fi scanning without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege wit ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:15 | 回复:0
  • CVE-2021-0522
    CVE漏洞
    CVE-2021-0522
    In ConnectionHandler::SdpCb of connection_handler.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution priv ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:20 | 回复:0
  • CVE-2021-0521
    CVE漏洞
    CVE-2021-0521
    In getAllPackages of PackageManagerService, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of cross-user permissions with ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:14 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap