• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2020-15153
    CVE漏洞
    CVE-2020-15153
    Ampache before version 4.2.2 allows unauthenticated users to perform SQL injection. Refer to the referenced GitHub Security Advisory for details and a workaround. This is fixed in version 4.2.2 and th ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:23 | 回复:0
  • CVE-2020-27519
    CVE漏洞
    CVE-2020-27519
    Pritunl Client v1.2.2550.20 contains a local privilege escalation vulnerability in the pritunl-service component. The attack vector is: malicious openvpn config. A local attacker could leverage the lo ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:26 | 回复:0
  • CVE-2021-31232
    CVE漏洞
    CVE-2021-31232
    The Alertmanager in CNCF Cortex before 1.8.1 has a local file disclosure vulnerability when -experimental.alertmanager.enable-api is used. The HTTP basic auth password_file can be used as an attack ve ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:21 | 回复:0
  • CVE-2021-31231
    CVE漏洞
    CVE-2021-31231
    The Alertmanager in Grafana Enterprise Metrics before 1.2.1 and Metrics Enterprise 1.2.1 has a local file disclosure vulnerability when experimental.alertmanager.enable-api is used. The HTTP basic aut ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:29 | 回复:0
  • CVE-2021-28959
    CVE漏洞
    CVE-2021-28959
    Zoho ManageEngine Eventlog Analyzer through 12147 is vulnerable to unauthenticated directory traversal via an entry in a ZIP archive. This leads to remote code execution.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:22 | 回复:0
  • CVE-2021-20266
    CVE漏洞
    CVE-2021-20266
    A flaw was found in RPM's hdrblobInit() in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to syst ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:34 | 回复:0
  • CVE-2020-24918
    CVE漏洞
    CVE-2020-24918
    A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Server 2020-01-07 allows an unauthenticated attacker to send a crafted RTSP request, with a long digest authentication header, to execu ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:32 | 回复:0
  • CVE-2020-1721
    CVE漏洞
    CVE-2020-1721
    A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:33 | 回复:0
  • CVE-2021-26807
    CVE漏洞
    CVE-2021-26807
    GalaxyClient version 2.0.28.9 loads unsigned DLLs such as zlib1.dll, libgcc_s_dw2-1.dll and libwinpthread-1.dll from PATH, which allows an attacker to potentially run code locally through unsigned DLL ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:26 | 回复:0
  • CVE-2021-20326
    CVE漏洞
    CVE-2021-20326
    A user authorized to performing a specific type of find query may trigger a denial of service. This issue affects: MongoDB Inc. MongoDB Server v4.4 versions prior to 4.4.4.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:25 | 回复:0
  • CVE-2021-31873
    CVE漏洞
    CVE-2021-31873
    An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:31 | 回复:0
  • CVE-2021-31872
    CVE漏洞
    CVE-2021-31872
    An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:28 | 回复:0
  • CVE-2021-31871
    CVE漏洞
    CVE-2021-31871
    An issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in a NULL pointer dereference on 64-bit systems.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:18 | 回复:0
  • CVE-2021-31870
    CVE漏洞
    CVE-2021-31870
    An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:33 | 回复:0
  • CVE-2021-31919
    CVE漏洞
    CVE-2021-31919
    An issue was discovered in the rkyv crate before 0.6.0 for Rust. When an archive is created via serialization, the archive content may contain uninitialized values of certain parts of a struct.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:26 | 回复:0
  • CVE-2020-18070
    CVE漏洞
    CVE-2020-18070
    Path Traversal in iCMS v7.0.13 allows remote attackers to delete folders by injecting commands into a crafted HTTP request to the do_del() method of the component database.admincp.php.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:25 | 回复:0
  • CVE-2020-18035
    CVE漏洞
    CVE-2020-18035
    Cross Site Scripting (XSS) in Jeesns v1.4.2 allows remote attackers to execute arbitrary code by injecting commands into the CKEditorFuncNum parameter in the component CkeditorUploadController.java.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:37 | 回复:0
  • CVE-2021-29484
    CVE漏洞
    CVE-2021-29484
    Ghost is a Node.js CMS. An unused endpoint added during the development of 4.0.0 has left sites vulnerable to untrusted users gaining access to Ghost Admin. Attackers can gain access by getting logged ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:28 | 回复:0
  • CVE-2021-29468
    CVE漏洞
    CVE-2021-29468
    Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted repository that contains symbolic links as well as files with backslash characters in the file n ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:26 | 回复:0
  • CVE-2020-15225
    CVE漏洞
    CVE-2020-15225
    django-filter is a generic system for filtering Django QuerySets based on user selections. In django-filter before version 2.4.0, automatically generated `NumberFilter` instances, whose value was late ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:27 | 回复:0
  • CVE-2021-1087
    CVE漏洞
    CVE-2021-1087
    NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin), which could allow an attacker to retrieve information that could lead to a Address Space Layout Randomization (ASL ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:40 | 回复:0
  • CVE-2021-1086
    CVE漏洞
    CVE-2021-1086
    NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it allows guests to control unauthorized resources, which may lead to integrity and confidentiality loss or i ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:33 | 回复:0
  • CVE-2021-1085
    CVE漏洞
    CVE-2021-1085
    NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to write to a shared memory location and manipulate the data after the data has been ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:24 | 回复:0
  • CVE-2021-1084
    CVE漏洞
    CVE-2021-1084
    NVIDIA vGPU driver contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:23 | 回复:0
  • CVE-2021-1083
    CVE漏洞
    CVE-2021-1083
    NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:36 | 回复:0
  • CVE-2021-1082
    CVE漏洞
    CVE-2021-1082
    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denia ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:28 | 回复:0
  • CVE-2021-1081
    CVE漏洞
    CVE-2021-1081
    NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:18 | 回复:0
  • CVE-2021-1080
    CVE漏洞
    CVE-2021-1080
    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which certain input data is not validated, which may lead to information disclosure, tampering of data, or de ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:23 | 回复:0
  • CVE-2020-22808
    CVE漏洞
    CVE-2020-22808
    An issue was found in yii2_fecshop 2.x. There is a reflected XSS vulnerability in the check cart page.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:36 | 回复:0
  • CVE-2020-22807
    CVE漏洞
    CVE-2020-22807
    An issue was dicovered in vtiger crm 7.2. Union sql injection in the calendar exportdata feature.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:23 | 回复:0
  • CVE-2021-21388
    CVE漏洞
    CVE-2021-21388
    systeminformation is an open source system and OS information library for node.js. A command injection vulnerability has been discovered in versions of systeminformation prior to 5.6.4. The issue has ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:33 | 回复:0
  • CVE-2021-1504
    CVE漏洞
    CVE-2021-1504
    Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (D ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:32 | 回复:0
  • CVE-2021-1501
    CVE漏洞
    CVE-2021-1501
    A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to ca ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:31 | 回复:0
  • CVE-2021-1495
    CVE漏洞
    CVE-2021-1495
    Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerabilit ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:29 | 回复:0
  • CVE-2021-1493
    CVE漏洞
    CVE-2021-1493
    A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cau ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:26 | 回复:0
  • CVE-2021-1489
    CVE漏洞
    CVE-2021-1489
    A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:30 | 回复:0
  • CVE-2021-1488
    CVE漏洞
    CVE-2021-1488
    A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject comm ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:39 | 回复:0
  • CVE-2021-1477
    CVE漏洞
    CVE-2021-1477
    A vulnerability in an access control mechanism of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to access services beyond the scope of their authorizat ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:28 | 回复:0
  • CVE-2021-1476
    CVE漏洞
    CVE-2021-1476
    A vulnerability in the CLI of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary comma ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:29 | 回复:0
  • CVE-2021-1458
    CVE漏洞
    CVE-2021-1458
    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XS ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:29 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap