漏洞 - 第792页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2020-21840

A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-21839

An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：12 | 回复：0
CVE漏洞

CVE-2020-21838

A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_appinfo ../../src/decode.c:2842.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：30 | 回复：0
CVE漏洞

CVE-2020-21836

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_preview ../../src/decode.c:3175.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：28 | 回复：0
CVE漏洞

CVE-2020-21835

A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：10 | 回复：0
CVE漏洞

CVE-2020-21834

A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：14 | 回复：0
CVE漏洞

CVE-2020-21833

A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_classes ../../src/decode.c:2440.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：11 | 回复：0
CVE漏洞

CVE-2020-21832

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2417.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：16 | 回复：0
CVE漏洞

CVE-2020-21830

A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.10 via bit_calc_CRC ../../src/bits.c:2213.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-32622

Matrix-React-SDK is a react-based SDK for inserting a Matrix chat/voip client into a web page. Before version 3.21.0, when uploading a file, the local file preview can lead to execution of scripts emb ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：20 | 回复：0
CVE漏洞

CVE-2020-21827

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2379.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-29024

In InvoicePlane 1.5.11 a misconfigured web server allows unauthenticated directory listing and file download. Allowing an attacker to directory traversal and download files suppose to be private witho ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-29023

InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset and the reset token is generated using a weak mechanism that is predictable.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：47 | 回复：0
CVE漏洞

CVE-2020-29205

XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：13 | 回复：0
CVE漏洞

CVE-2020-24993

There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability (stored XSS) is triggered when visitors access the article module.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：29 | 回复：0
CVE漏洞

CVE-2020-24992

There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability (stored XSS) is triggered when an administrator accesses the content management module.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：17 | 回复：0
CVE漏洞

CVE-2020-21819

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641via htmlescape ../../programs/escape.c:51.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：15 | 回复：0
CVE漏洞

CVE-2020-21818

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:48.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：17 | 回复：0
CVE漏洞

CVE-2020-21817

A null pointer dereference issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:29. which causes a denial of service (application crash).……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：23 | 回复：0
CVE漏洞

CVE-2020-21816

A heab based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:46.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：12 | 回复：0
CVE漏洞

CVE-2020-21815

A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114, which causes a denial of service (application crash).……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：25 | 回复：0
CVE漏洞

CVE-2020-21814

A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlwescape ../../programs/escape.c:97.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-32618

The Python Flask-Security-Too package is used for adding security features to your Flask application. It is an is an independently maintained version of Flask-Security based on the 3.0.0 version of Fl ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-32617

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An inefficient algorithm (quadratic complexity) was found in Exiv2 versions v ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-32456

SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network of the device to obtain the authentication passwords by analysing the network traffic.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-32454

SITEL CAP/PRX firmware version 5.2.01 makes use of a hardcoded password. An attacker with access to the device could modify these credentials, leaving the administrators of the device without access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-23384

The package koa-remove-trailing-slashes before 2.0.2 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.c ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：15 | 回复：0
CVE漏洞

CVE-2020-21813

A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-3524

A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The ne ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-33041

vmd through 1.34.0 allows 'div class=markdown-body' XSS, as demonstrated by Electron remote code execution via require('child_process').execSync('calc.exe') on Windows and a si ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-32455

SITEL CAP/PRX firmware version 5.2.01, allows an attacker with access to the device´s network to cause a denial of service condition on the device. An attacker could exploit this vulnerability by sen ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-32453

SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network, to access via HTTP to the internal configuration database of the device without any authentication. An attack ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-29747

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain highly sensitive information due to a vulnerability in the authentication mechanism. IBM X-Force ID: 201775.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-25264

In multiple versions of Sophos Endpoint products for MacOS, a local attacker could execute arbitrary code with administrator privileges.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：45 | 回复：0
CVE漏洞

CVE-2021-24327

The SEO Redirection Plugin â€“ 301 Redirect Manager WordPress plugin before 6.4 did not sanitise the Redirect From and Redirect To fields when creating a new redirect in the dashboard, allowing hig ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-24326

The tab parameter of the settings page of the All 404 Redirect to Homepage WordPress plugin before 1.21 was vulnerable to an authenticated reflected Cross-Site Scripting (XSS) issue as user input was ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-24325

The tab parameter of the settings page of the 404 SEO Redirection WordPress plugin through 1.3 is vulnerable to a reflected Cross-Site Scripting (XSS) issue as user input is not properly sanitised or ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-24324

The 404 SEO Redirection WordPress plugin through 1.3 is lacking CSRF checks in all its settings, allowing attackers to make a logged in user change the plugin's settings. Due to the lack of saniti ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-24323

When taxes are enabled, the Additional tax classes field was not properly sanitised or escaped before being output back in the admin dashboard, allowing high privilege users such as admin to use XSS p ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-24315

The GiveWP â€“ Donation Plugin and Fundraising Platform WordPress plugin before 2.10.4 did not sanitise or escape the Background Image field of its Stripe Checkout Setting and Logo field in its Ema ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:44 | 阅读：19 | 回复：0