漏洞 - 第755页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2020-20470

White Shark System (WSS) 1.3.2 has web site physical path leakage vulnerability.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：13 | 回复：0
CVE漏洞

CVE-2020-20469

White Shark System (WSS) 1.3.2 has a SQL injection vulnerability. The vulnerability stems from the log_edit.php files failing to filter the csa_to_user parameter, remote attackers can exploit the vuln ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：16 | 回复：0
CVE漏洞

CVE-2020-20468

White Shark System (WSS) 1.3.2 is vulnerable to CSRF. Attackers can use the user_edit_password.php file to modify the user password.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：27 | 回复：0
CVE漏洞

CVE-2020-20467

White Shark System (WSS) 1.3.2 is vulnerable to sensitive information disclosure via default_task_add.php, remote attackers can exploit the vulnerability to create a task.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：17 | 回复：0
CVE漏洞

CVE-2020-20466

White Shark System (WSS) 1.3.2 is vulnerable to unauthorized access via user_edit_password.php, remote attackers can modify the password of any user.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-24368

The Quiz And Survey Master â€“ Best Quiz, Exam and Survey Plugin WordPress plugin before 7.1.18 did not sanitise or escape its result_id parameter when displaying an existing quiz result page, lead ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-33186

SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-33185

SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-31664

RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-31663

RIOT-OS 2021.01 before commit bc59d60be60dfc0a05def57d74985371e4f22d79 contains a buffer overflow which could allow attackers to obtain sensitive information.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-31662

RIOT-OS 2021.01 before commit 07f1254d8537497552e7dce80364aaead9266bbe contains a buffer overflow which could allow attackers to obtain sensitive information.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-31661

RIOT-OS 2021.01 before commit 609c9ada34da5546cffb632a98b7ba157c112658 contains a buffer overflow that could allow attackers to obtain sensitive information.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-31660

RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-31272

SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-21410

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prio ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-21281

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. A buffer overflow vulnerability exists in Contiki-NG versions prior to 4.6. After establishing a TCP socke ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-21280

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. It is possible to cause an out-of-bounds write in versions of Contiki-NG prior to 4.6 when transmitting a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-21279

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In verions prior to 4.6, an attacker can perform a denial-of-service attack by triggering an infinite loop ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-21257

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. The RPL-Classic and RPL-Lite implementations in the Contiki-NG operating system versions prior to 4.6 do n ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-33824

An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to fin ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-33823

An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-32696

The npm package striptags is an implementation of PHP's strip_tags in Typescript. In striptags before version 3.2.0, a type-confusion vulnerability can cause `striptags` to concatenate unsanitized ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-21282

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions prior to 4.5, buffer overflow can be triggered by an input packet when using either of Contiki ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-33822

An issue was discovered on 4GEE ROUTER HH70VB Version HH70_E1_02.00_22. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to fini ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-33820

An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-33818

An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-3604

Secure 8 (Evalos) does not validate user input data correctly, allowing a remote attacker to perform a Blind SQL Injection. An attacker could exploit this vulnerability in order to extract information ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-18442

Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value zzip_file_read in the function unzzip_cat_file.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：15 | 回复：0
CVE漏洞

CVE-2005-2795

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-32956

Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to redirection, which may allow an attacker to send a maliciously crafted URL that could result in redirecting a user to a malicious we ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-32954

Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an attacker to remotely read arbitrary files on the file system.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-23846

When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firm ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-23845

This vulnerability could allow an attacker to hijack a session while a user is logged in the configuration web page. This vulnerability was discovered by a security researcher in B426 and found during ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：12 | 回复：0
CVE漏洞

CVE-2018-14639

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-21997

VMware Tools for Windows (11.x.y prior to 11.3.0) contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest operating system, w ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：30 | 回复：0
CVE漏洞

CVE-2007-3733

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：22 | 回复：0
CVE漏洞

CVE-2005-0394

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-34815

CheckSec Canopy before 3.5.2 allows XSS attacks against the login page via the LOGIN_PAGE_DISCLAIMER parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-26835

No filtering of cross-site scripting (XSS) payloads in the markdown-editor in Zettlr 1.8.7 allows attackers to perform remote code execution via a crafted file.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-26834

A cross-site scripting (XSS) vulnerability exists in Znote 0.5.2. An attacker can insert payloads, and the code execution will happen immediately on markdown view mode.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:50 | 阅读：16 | 回复：0