漏洞 - 第817页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-20576

IBM Security Verify Access 20.07 could allow a remote attacker to send a specially crafted HTTP GET request that could cause the application to crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-20575

IBM Security Verify Access 20.07 allows web pages to be stored locally which can be read by another user on the system. X-Force ID: 199278.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-20306

A flaw was found in the BPMN editor in version jBPM 7.51.0.Final. Any authenticated user from any project can see the name of Ruleflow Groups from other projects, despite the user not having access to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：9 | 回复：0
CVE漏洞

CVE-2020-4561

IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all control requests in unauthenticated sessions. This allows a remote attacker who can access a valid CA endpoint to read and write fil ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：20 | 回复：0
CVE漏洞

CVE-2020-4520

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to inject malicious HTML code that when viewed by the authenticated victim would execute the code. IBM X-Force ID: 182395.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:41 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-31935

OX App Suite 7.10.4 and earlier allows XSS via a crafted distribution list (payload in the common name) that is mishandled in the scheduling view.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：98 | 回复：0
CVE漏洞

CVE-2021-31934

OX App Suite 7.10.4 and earlier allows XSS via a crafted contact object (payload in the position or company field) that is mishandled in the App Suite UI on a smartphone.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：89 | 回复：0
CVE漏洞

CVE-2021-31792

XSS in the client account page in SuiteCRM before 7.11.19 allows an attacker to inject JavaScript via the name field……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：83 | 回复：0
CVE漏洞

CVE-2020-28944

OX Guard 2.10.4 and earlier allows a Denial of Service via a WKS server that responds slowly or with a large amount of data.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：53 | 回复：0
CVE漏洞

CVE-2020-28943

OX App Suite 7.10.4 and earlier allows SSRF via a snippet.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：65 | 回复：0
CVE漏洞

CVE-2021-31933

A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filen ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：60 | 回复：0
CVE漏洞

CVE-2021-21547

Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. The credentials ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：62 | 回复：0
CVE漏洞

CVE-2021-21544

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain an improper authentication vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability t ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：51 | 回复：0
CVE漏洞

CVE-2021-21543

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges could potentially exploit these vu ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-21542

Dell EMC iDRAC9 versions prior to 4.40.10.00 contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges could potentially exploit these vu ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：53 | 回复：0
CVE漏洞

CVE-2021-21541

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a DOM-based cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-21540

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a stack-based overflow vulnerability. A remote authenticated attacker could potentially exploit this vulnerability to overwrite configuration infor ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-21539

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a Time-of-check Time-of-use (TOCTOU) race condition vulnerability. A remote authenticated attacker could potentially exploit this vulnerability to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：49 | 回复：0
CVE漏洞

CVE-2021-21531

Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass Vulnerability. A local authenticated malicious user with monitor role may exploit this vulnerability to perform un ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-21530

Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerabil ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-21507

Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX Switch Module firmware versions prior to 2.0.0.82 contain a Weak Password Encryption Vulnerability. A remote ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-21233

Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-21232

Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-21231

Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-21230

Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-21229

Incorrect security UI in downloads in Google Chrome on Android prior to 90.0.4430.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-21228

Insufficient policy enforcement in extensions in Google Chrome prior to 90.0.4430.93 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a c ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-21227

Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：34 | 回复：0
CVE漏洞

CVE-2020-18084

Cross Site Scripting (XSS) in yzmCMS v5.2 allows remote attackers to execute arbitrary code by injecting commands into the referer field of a POST request to the component /member/index/login.html whe ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-31926

AMP Application Deployment Service in CubeCoders AMP 2.1.x before 2.1.1.2 allows a remote, authenticated user to open ports in the local system firewall by crafting an HTTP(S) request directly to the ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-29464

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2 versions v0.27.3 and earlier. The h ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-29463

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The ou ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-29486

cumulative-distribution-function is an open source npm library used which calculates statistical cumulative distribution function from data array of x values. In versions prior to 2.0.0 apps using thi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-21537

Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to view and exfiltrate sensitive inform ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-21536

Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to register the client to a server in o ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-21535

Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain root l ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-21534

Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain access to sensitive information ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-20515

IBM Informix Dynamic Server 14.10 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local privileged user could overflow a buffer and execute arbitrary code on the ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：25 | 回复：0
CVE漏洞

CVE-2020-7731

This affects all versions of package github.com/russellhaering/gosaml2. There is a crash on nil-pointer dereference caused by sending malformed XML signatures.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：31 | 回复：0
CVE漏洞

CVE-2020-4039

SUSI.AI is an intelligent Open Source personal assistant. SUSI.AI Server before version d27ed0f has a directory traversal vulnerability due to insufficient input validation. Any admin config and file ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:40 | 阅读：20 | 回复：0