漏洞 - 第791页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2020-20246

Mikrotik RouterOs stable 6.46.3 suffers from a memory corruption vulnerability in the mactel process. An authenticated remote attacker can cause a Denial of Service due to improper memory access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：24 | 回复：0
CVE漏洞

CVE-2020-20245

Mikrotik RouterOs stable 6.46.3 suffers from a memory corruption vulnerability in the log process. An authenticated remote attacker can cause a Denial of Service due to improper memory access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：16 | 回复：0
CVE漏洞

CVE-2020-20227

Mikrotik RouterOs stable 6.47 suffers from a memory corruption vulnerability in the /nova/bin/diskd process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：22 | 回复：0
CVE漏洞

CVE-2020-20220

Mikrotik RouterOs prior to stable 6.47 suffers from a memory corruption vulnerability in the /nova/bin/bfd process. An authenticated remote attacker can cause a Denial of Service (NULL pointer derefer ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：25 | 回复：0
CVE漏洞

CVE-2020-19924

In Boostnote 0.12.1, exporting to PDF contains opportunities for XSS attacks.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：16 | 回复：0
CVE漏洞

CVE-2020-20237

Mikrotik RouterOs 6.46.3 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process. An authenticated remote attacker can cause a Denial of Service due to improper m ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：17 | 回复：0
CVE漏洞

CVE-2020-20236

Mikrotik RouterOs 6.46.3 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process. An authenticated remote attacker can cause a Denial of Service due to improper m ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：17 | 回复：0
CVE漏洞

CVE-2020-20222

Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process. An authenticated remote attacker can cause a Denial of Service (NULL pointer ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：17 | 回复：0
CVE漏洞

CVE-2020-20214

Mikrotik RouterOs 6.44.6 (long-term tree) suffers from an assertion failure vulnerability in the btest process. An authenticated remote attacker can cause a Denial of Service due to an assertion failu ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：14 | 回复：0
CVE漏洞

CVE-2020-18178

Path Traversal in HongCMS v4.0.0 allows remote attackers to view, edit, and delete arbitrary files via a crafted POST request to the component /hcms/admin/index.php/language/ajax.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-3200

Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-32305

WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：17 | 回复：0
CVE漏洞

CVE-2020-24740

An issue was discovered in Pluck 4.7.10-dev2. There is a CSRF vulnerability that can editpage via a /admin.php?action=editpage……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：10 | 回复：0
CVE漏洞

CVE-2020-23861

A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：11 | 回复：0
CVE漏洞

CVE-2020-20951

In Pluck-4.7.10-dev2 admin background, a remote command execution vulnerability exists when uploading files.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-32238

Epic Games / Psyonix Rocket League =1.95 is affected by Buffer Overflow. Stack-based buffer overflow occurs when Rocket League handles UPK object files that can result in code execution and denial of ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：11 | 回复：0
CVE漏洞

CVE-2020-24026

TinyShop, a free and open source mall based on RageFrame2, has a stored XSS vulnerability that affects version 1.2.0. TinyShop allows XSS via the explain_first and again_explain parameters of the /eva ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：19 | 回复：0
CVE漏洞

CVE-2020-23856

Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller-callee.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：26 | 回复：0
CVE漏洞

CVE-2020-23852

A heap based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c (line 544 line 545), which could cause a denial of ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：16 | 回复：0
CVE漏洞

CVE-2020-23851

A stack-based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c:513:28, which could cause a denial of service by s ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-30145

A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：23 | 回复：0
CVE漏洞

CVE-2020-20254

Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointe ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：19 | 回复：0
CVE漏洞

CVE-2020-20253

Mikrotik RouterOs before 6.47 (stable tree) suffers from a divison by zero vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service due to a divid ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-22117

RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-3531

A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a deni ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-3518

There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The grea ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-31827

In Progress MOVEit Transfer before 2021.0 (13.0), a SQL injection vulnerability has been found in the MOVEit Transfer web app that could allow an authenticated attacker to gain unauthorized access to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：11 | 回复：0
CVE漏洞

CVE-2020-25709

A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vu ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：12 | 回复：0
CVE漏洞

CVE-2002-2438

TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag) set, which was not correctly discarded by the Linux TCP stack after firewalling.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-3423

Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security allows an attacker to load a third party DLL to elevate privileges. This is ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：12 | 回复：0
CVE漏洞

CVE-2020-15279

An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 allows a regular user to learn the scanning exclusion ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：18 | 回复：0
CVE漏洞

CVE-2020-24755

In Ubiquiti UniFi Video v3.10.13, when the executable starts, its first library validation is in the current directory. This allows the impersonation and modification of the library to execute code on ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：14 | 回复：0
CVE漏洞

CVE-2020-21844

GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：13 | 回复：0
CVE漏洞

CVE-2020-21843

A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：7 | 回复：0
CVE漏洞

CVE-2020-21842

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：22 | 回复：0
CVE漏洞

CVE-2020-21831

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_handles ../../src/decode.c:2637.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：25 | 回复：0
CVE漏洞

CVE-2020-18198

Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote attackers to execute arbitrary code and delete specific images via the component /admin.php?action=images.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-18195

Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote attackers to execute arbitrary code and delete a specific article via the component /admin.php?action=page.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：23 | 回复：0
CVE漏洞

CVE-2020-18194

Cross Site Scripting (XSS) in emlog v6.0.0 allows remote attackers to execute arbitrary code by adding a crafted script as a link to a new blog post.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：20 | 回复：0
CVE漏洞

CVE-2020-21841

A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：25 | 回复：0