Vulnerabilities

Subcategories:

  • CVE-2020-6641
    Two authorization bypass through user-controlled key vulnerabilities in the Fortinet FortiPresence 2.1.0 administration interface may allow an attacker to gain access to some user data via portal mana ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 32 | Replies: 0
  • CVE-2020-10743
    It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an attacke ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 33 | Replies: 0
  • CVE-2020-10742
    A flaw was found in the Linux kernel. An index buffer overflow during Direct IO write leads to an NFS client crash. In some cases, a reach out of the index after one memory allocation by kmalloc ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 27 | Replies: 0
  • CVE-2021-29089
    Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in thumbnail component in Synology Photo Station before 6.8.14-3500 allows remote attackers u ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 30 | Replies: 0
  • CVE-2021-29091
    Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in file management component in Synology Photo Station before 6.8.14-3500 allows remote authenticat ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 31 | Replies: 0
  • CVE-2021-29090
    Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in PHP component in Synology Photo Station before 6.8.14-3500 allows remote authenticated use ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 34 | Replies: 0
  • CVE-2021-32657
    Nextcloud Server is a Nextcloud package that handles data storage. In versions of Nextcloud Server prior to 10.0.11, 20.0.10, and 21.0.2, a malicious user may be able to break the user administration ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 22 | Replies: 0
  • CVE-2021-32656
    Nextcloud Server is a Nextcloud package that handles data storage. A vulnerability in federated share exists in versions prior to 19.0.11, 20.0.10, and 21.0.2. An attacker can gain access to basic inf ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 26 | Replies: 0
  • CVE-2021-32655
    Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.11, 20.0.10, and 21.0.2, an attacker is able to convert a Files Drop link to a federated share. This causes ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 33 | Replies: 0
  • CVE-2021-32654
    Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.11, 20.0.10, and 21.0.2, an attacker is able to receive write/read privileges on any Federated File Share. ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 27 | Replies: 0
  • CVE-2020-22044
    A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the url_open_dyn_buf_internal function in libavformat/aviobuf.c.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 35 | Replies: 0
  • CVE-2021-3425
    A flaw was found in the AMQ Broker that discloses JDBC encrypted usernames and passwords when provided in the AMQ Broker application logfile when using the jdbc persistence functionality. Versions shi ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 31 | Replies: 0
  • CVE-2021-32653
    Nextcloud Server is a Nextcloud package that handles data storage. Nextcloud Server versions prior to 19.0.11, 20.0.10, or 21.0.2 send user IDs to the lookup server even if the user has no fields set ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 34 | Replies: 0
  • CVE-2021-31684
    A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service (DOS) via a crafted web request.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 28 | Replies: 0
  • CVE-2021-26111
    A missing release of memory after effective lifetime vulnerability in FortiSwitch 6.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below may allow an attacker on an adjacent network to exhau ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 34 | Replies: 0
  • CVE-2021-22123
    An OS command injection vulnerability in FortiWeb's management interface 6.3.7 and below, 6.2.3 and below, 6.1.x, 6.0.x, 5.9.x may allow a remote authenticated attacker to execute arbitrary comman ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 32 | Replies: 0
  • CVE-2020-22043
    A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak at the fifo_alloc_common function in libavutil/fifo.c.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 24 | Replies: 0
  • CVE-2020-22042
    A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the link_filter_inouts function in libavfilter/graphparser.c.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 37 | Replies: 0
  • CVE-2020-22041
    A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_buffersrc_add_frame_flags function in buffersrc.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 27 | Replies: 0
  • CVE-2020-22040
    A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the v_frame_alloc function in frame.c.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 26 | Replies: 0
  • CVE-2020-22039
    A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the inavi_add_ientry function.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 23 | Replies: 0
  • CVE-2020-22038
    A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_v4l2_m2m_create_context function in v4l2_m2m.c.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 28 | Replies: 0
  • CVE-2020-22037
    A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in avcodec_alloc_context3 at options.c.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 29 | Replies: 0
  • CVE-2021-3424
    A flaw was found in keycloak as shipped in Red Hat Single Sign-On 7.4 where IDN homograph attacks are possible. A malicious user can register himself with a name already registered and trick admin to ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 32 | Replies: 0
  • CVE-2021-32652
    Nextcloud Mail is a mail app for the Nextcloud platform. A missing permission check in Nextcloud Mail before 1.4.3 and 1.8.2 allows other authenticated users to access mail metadata of other users. ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 27 | Replies: 0
  • CVE-2020-22036
    A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_intra at libavfilter/vf_bwdif.c, which might lead to memory corruption and other potential consequences.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 22 | Replies: 0
  • CVE-2020-22035
    A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get_block_row at libavfilter/vf_bm3d.c, which might lead to memory corruption and other potential consequences.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 35 | Replies: 0
  • CVE-2021-32924
    Invision Community (aka IPS Community Suite) before 4.6.0 allows eval-based PHP code injection by a moderator because the IPS\cms\modules\front\pages\_builder::previewBlock method interacts unsafely w ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 24 | Replies: 0
  • CVE-2021-32651
    OneDev is a development operations platform. If the LDAP external authentication mechanism is enabled in OneDev versions 4.4.1 and prior, an attacker can manipulate a user search filter to send forged ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 31 | Replies: 0
  • CVE-2021-31643
    An XSS vulnerability exists in several IoT devices from CHIYU Technology, including SEMAC, Biosense, BF-630, BF-631, and Webpass due to a lack of sanitization on the component if.cgi - username parame ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 26 | Replies: 0
  • CVE-2021-31642
    A denial of service condition exists after an integer overflow in several IoT devices from CHIYU Technology, including BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC. The vulnerability can be explor ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 37 | Replies: 0
  • CVE-2021-31641
    An unauthenticated XSS vulnerability exists in several IoT devices from CHIYU Technology, including BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, BF-MINI-W, and SEMAC due to a lack of sa ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 39 | Replies: 0
  • CVE-2020-27377
    A cross-site scripting (XSS) vulnerability was discovered in the Administrator panel on the 'Setting News' module on CMS Made Simple 2.2.14 which allows an attacker to execute arbitrary web sc ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 39 | Replies: 0
  • CVE-2020-26693
    A stored cross-site scripting (XSS) vulnerability was discovered in pfSense 2.4.5-p1 which allows an authenticated attacker to execute arbitrary web scripts via exploitation of the load_balancer_monit ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 36 | Replies: 0
  • CVE-2020-26670
    A vulnerability has been discovered in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to execute arbitrary commands through a crafted request sent to the server via the 'Cre ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 26 | Replies: 0
  • CVE-2020-26669
    A stored cross-site scripting (XSS) vulnerability was discovered in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to execute arbitrary web scripts or HTML via the page content ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 23 | Replies: 0
  • CVE-2020-26668
    A SQL injection vulnerability was discovered in /core/feeds/custom.php in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to inject a malicious SQL query to the applications via ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 32 | Replies: 0
  • CVE-2020-17541
    All versions of Libjpeg-turbo have a stack-based buffer overflow in the transform component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 24 | Replies: 0
  • CVE-2021-3543
    A null pointer dereference flaw in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs force closures on the enclave file descriptor. A local user of a host machine could use this ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 29 | Replies: 0
  • CVE-2021-3516
    There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact o ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:41 | Views: 35 | Replies: 0
