漏洞 - 第811页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-31167

Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31165, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-31166

HTTP Protocol Stack Remote Code Execution Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-31165

Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31167, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-28479

Windows CSC Service Information Disclosure Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-28478

Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-26418, CVE-2021-31172.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-28476

Hyper-V Remote Code Execution Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-28474

Microsoft SharePoint Server Remote Code Execution Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-28465

Web Media Extensions Remote Code Execution Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-28461

Dynamics Finance and Operations Cross-site Scripting Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-28455

Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-27068

Visual Studio Remote Code Execution Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-26422

Skype for Business and Lync Remote Code Execution Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-26421

Skype for Business and Lync Spoofing Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-26419

Scripting Engine Memory Corruption Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-26418

Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-28478, CVE-2021-31172.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：15 | 回复：0
CVE漏洞

CVE-2020-18964

Cross Site Request Forgery (CSRF) Vulnerability in ForestBlog latest version via the website Management background, which could let a remote malicious gain privileges.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-32573

** DISPUTED ** The express-cart package through 1.1.10 for Node.js allows Reflected XSS (for an admin) via a user input field for product options. NOTE: the vendor states that this would rely on an ad ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-29509

Puma is a concurrent HTTP 1.1 server for Ruby/Rack applications. The fix for CVE-2019-16770 was incomplete. The original fix only protected existing connections that had already been accepted from hav ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-29508

Due to how Wire handles type information in its serialization format, malicious payloads can be passed to a deserializer. e.g. using a surrogate on the sender end, an attacker can pass information abo ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：18 | 回复：0
CVE漏洞

CVE-2020-4536

IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in furth ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：11 | 回复：0
CVE漏洞

CVE-2020-4535

IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentia ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-31537

SIS SIS-REWE Go before 7.7 SP17 allows XSS: rewe/prod/web/index.php (affected parameters are config, version, win, db, pwd, and user) and /rewe/prod/web/rewe_go_check.php (version and all other parame ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-29471

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.33.2 Push ru ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-27619

SAP Commerce (Backoffice Search), versions - 1808, 1811, 1905, 2005, 2011, allows a low privileged user to search for attributes which are not supposed to be displayed to them. Although the search res ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-27618

The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not check the file type extension of the file uploaded from local source. An atta ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-27617

The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate an XML document uploaded from local source. An attacker ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-27616

Under certain conditions, SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One for SAP HANA, allows an attacker to exploit an insecure tempo ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-27614

SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One on SAP HANA, allows an attacker to inject code that can be executed by the application. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-27613

Under certain conditions, SAP Business One Chef cookbook, version - 9.2, 9.3, 10.0, used to install SAP Business One, allows an attacker to exploit an insecure temporary folder for incoming outgoing ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-27612

In specific situations SAP GUI for Windows until and including 7.60 PL9, 7.70 PL0, forwards a user to specific malicious website which could contain malware or might lead to phishing attacks to steal ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-27611

SAP NetWeaver AS ABAP, versions - 700, 701, 702, 730, 731, allow a high privileged attacker to inject malicious code by executing an ABAP report when the attacker has access to the local SAP system. T ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-21656

Jenkins Xcode integration Plugin 2.0.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-21655

A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and pas ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-21654

Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-21653

Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier does not perform a permission check in an HTTP endpoint, allowing with Overall/Read permission to enumerate credentials IDs of credenti ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-21652

A cross-site request forgery (CSRF) vulnerability in Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-21651

Jenkins S3 publisher Plugin 0.11.6 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to obtain the list of configured profiles.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-21650

Jenkins S3 publisher Plugin 0.11.6 and earlier does not perform Run/Artifacts permission checks in various HTTP endpoints and API models, allowing attackers with Item/Read permission to obtain informa ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-21649

Jenkins Dashboard View Plugin 2.15 and earlier does not escape URLs referenced in Image Dashboard Portlets, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-21648

Jenkins Credentials Plugin 2.3.18 and earlier does not escape user-controlled information on a view it provides, resulting in a reflected cross-site scripting (XSS) vulnerability.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：24 | 回复：0