
Vulnerabilities

Subcategories:

  • CVE-2021-33026
    The Flask-Caching extension through 1.10.1 for Flask relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. If an attacker gains access to cache sto ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 11 | Replies: 0
  • CVE-2021-26420
    Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31963, CVE-2021-31966.
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 19 | Replies: 0
  • CVE-2021-26414
    Windows DCOM Server Security Feature Bypass
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 11 | Replies: 0
  • CVE-2021-1675
    Windows Print Spooler Elevation of Privilege Vulnerability
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 31 | Replies: 0
  • CVE-2021-33712
    A vulnerability has been identified in Mendix SAML Module (All versions V2.1.2). The configuration of the SAML module does not properly check various restrictions and validations imposed by an identi ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 13 | Replies: 0
  • CVE-2021-31807
    An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 25 | Replies: 0
  • CVE-2021-31343
    The jutil.dll library in all versions of Solid Edge SE2020 before 2020MP14 and all versions of Solid Edge SE2021 before SE2021MP5 lack proper validation of user-supplied data when parsing DFT files. T ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 16 | Replies: 0
  • CVE-2021-31342
    The ugeom2d.dll library in all versions of Solid Edge SE2020 before 2020MP14 and all versions of Solid Edge SE2021 before SE2021MP5 lack proper validation of user-supplied data when parsing DFT files. ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 15 | Replies: 0
  • CVE-2021-31340
    A vulnerability has been identified in SIMATIC RF166C (All versions V1.1 and V1.3.2), SIMATIC RF185C (All versions V1.1 and V1.3.2), SIMATIC RF186C (All versions V1.1 and V1.3.2), SIMATIC RF186C ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 19 | Replies: 0
  • CVE-2021-27399
    A vulnerability has been identified in Simcenter Femap 2020.2 (All versions V2020.2.MP3), Simcenter Femap 2021.1 (All versions V2021.1.MP3). The femap.exe application lacks proper validation of user ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 13 | Replies: 0
  • CVE-2021-27390
    A vulnerability has been identified in JT2Go (All versions V13.1.0.3), Teamcenter Visualization (All versions V13.1.0.3). The TIFF_loader.dll library in affected applications lacks proper validation ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 11 | Replies: 0
  • CVE-2021-27387
    A vulnerability has been identified in Simcenter Femap 2020.2 (All versions V2020.2.MP3), Simcenter Femap 2021.1 (All versions V2021.1.MP3). The femap.exe application lacks proper validation of user ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 14 | Replies: 0
  • CVE-2021-22220
    An issue has been discovered in GitLab affecting all versions starting with 13.10. GitLab was vulnerable to a stored XSS in blob viewer of notebooks.
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 19 | Replies: 0
  • CVE-2021-22216
    A denial of service vulnerability in all versions of GitLab CE/EE before 13.12.2, 13.11.5 or 13.10.5 allows an attacker to cause uncontrolled resource consumption with a very long issue or merge reque ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 21 | Replies: 0
  • CVE-2020-26136
    In SilverStripe through 4.6.0-rc1, GraphQL doesn't honour MFA (multi-factor authentication) when using basic authentication.
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 5 | Replies: 0
  • CVE-2021-32658
    Nextcloud Android is the Android client for the Nextcloud open source home cloud system. Due to a timeout issue the Android client may not properly clean all sensitive data on account removal. This co ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 11 | Replies: 0
  • CVE-2021-26474
    Various Vembu products allow an attacker to execute a (non-blind) http-only Cross Site Request Forgery (Other products or versions of products in this family may be affected too.)
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 24 | Replies: 0
  • CVE-2021-26473
    In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 the http API located at /sgwebservice_o.php action logFilePath allows an attacker to write arbitrary files in the context of the web server ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 11 | Replies: 0
  • CVE-2021-26472
    In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 11 | Replies: 0
  • CVE-2021-26471
    In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1, the http API located at /sgwebservice_o.php accepts a command argument. Using this command argument an unauthenticated attacker can execut ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 17 | Replies: 0
  • CVE-2021-22221
    An issue has been discovered in GitLab affecting all versions starting from 12.9.0 before 13.10.5, all versions starting from 13.11.0 before 13.11.5, all versions starting from 13.12.0 before 13.12.2. ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 27 | Replies: 0
  • CVE-2021-22219
    GitLab CE/EE since version 9.5 allows a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 16 | Replies: 0
  • CVE-2021-22217
    A denial of service vulnerability in all versions of GitLab CE/EE before 13.12.2, 13.11.5 or 13.10.5 allows an attacker to cause uncontrolled resource consumption with a specially crafted issue or mer ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 22 | Replies: 0
  • CVE-2021-22213
    A cross-site leak vulnerability in the OAuth flow of all versions of GitLab CE/EE since 7.10 allowed an attacker to leak an OAuth access token by getting the victim to visit a malicious page with Safa ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 12 | Replies: 0
  • CVE-2020-28713
    Incorrect access control in push notification service in Night Owl Smart Doorbell FW version 20190505 allows remote users to send push notification events via an exposed PNS server. A remote attacker ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 10 | Replies: 0
  • CVE-2021-33571
    In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This ma ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 20 | Replies: 0
  • CVE-2021-33203
    Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the exist ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 21 | Replies: 0
  • CVE-2021-32674
    Zope is an open-source web application server. This advisory extends the previous advisory at https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36 with additional cases of TA ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 18 | Replies: 0
  • CVE-2021-28293
    Seceon aiSIEM before 6.3.2 (build 585) is prone to an unauthenticated account takeover vulnerability in the Forgot Password feature. The lack of correct configuration leads to recovery of the password ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 28 | Replies: 0
  • CVE-2021-21559
    Dell EMC NetWorker, versions 18.x, 19.1.x, 19.2.x 19.3.x, 19.4, and 19.4.0.1 contain an Improper Certificate Validation vulnerability in the client (NetWorker Management Console) components which uses ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 20 | Replies: 0
  • CVE-2021-21558
    Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information Disclosure vulnerability. A local administrator of the gstd system may potentially exploit this vulnerabilit ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 27 | Replies: 0
  • CVE-2020-26138
    In SilverStripe through 4.6.0-rc1, a FormField with square brackets in the field name skips validation.
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 32 | Replies: 0
  • CVE-2020-25817
    SilverStripe through 4.6.0-rc1 has an XXE Vulnerability in CSSContentParser. A developer utility meant for parsing HTML within unit tests can be vulnerable to XML External Entity (XXE) attacks. When t ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 25 | Replies: 0
  • CVE-2021-32673
    reg-keygen-git-hash-plugin is a reg-suit plugin to detect the snapshot key to be compare with using Git commit hash. reg-keygen-git-hash-plugin through and including 0.10.15 allow remote attackers to ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 22 | Replies: 0
  • CVE-2021-32015
    In Nuvoton NPCT75x TPM 1.2 firmware 7.4.0.0, a local authenticated malicious user with high privileges could potentially gain unauthorized access to TPM non-volatile memory. NOTE: Upgrading to firmwar ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 26 | Replies: 0
  • CVE-2021-22218
    All versions of GitLab CE/EE starting with 12.8 were affected by an issue in the handling of x509 certificates that could be used to spoof author of signed commits.
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 22 | Replies: 0
  • CVE-2021-22215
    An information disclosure vulnerability in GitLab EE versions 13.11 and later allowed a project owner to leak information about the members' on-call rotations in other projects
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 24 | Replies: 0
  • CVE-2021-34280
    Polaris Office v9.103.83.44230 is affected by a Uninitialized Pointer Vulnerability in PolarisOffice.exe and EngineDLL.dll that may cause a Remote Code Execution. To exploit the vulnerability, someone ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 22 | Replies: 0
  • CVE-2021-33190
    In Apache APISIX Dashboard version 2.6, we changed the default value of listen host to 0.0.0.0 in order to facilitate users to configure external network access. In the IP allowed list restriction, a ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 18 | Replies: 0
  • CVE-2021-33176
    VerneMQ MQTT Broker versions prior to 1.12.0 are vulnerable to a denial of service attack as a result of excessive memory consumption due to the handling of untrusted inputs. These inputs cause the me ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:43 | Views: 18 | Replies: 0
