• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2020-27748
    CVE漏洞
    CVE-2020-27748
    A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mailto: URIs, xdg-email allows attachments to be discreetly added via the URI when being passed to Thunderbi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:14 | 回复:0
  • CVE-2020-1920
    CVE漏洞
    CVE-2020-1920
    A regular expression denial of service (ReDoS) vulnerability in the validateBaseUrl function can cause the application to use excessive resources, become unresponsive, or crash. This was introduced in ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:11 | 回复:0
  • CVE-2019-4730
    CVE漏洞
    CVE-2019-4730
    IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive infor ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:18 | 回复:0
  • CVE-2019-4724
    CVE漏洞
    CVE-2019-4724
    IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain credentials from a user's browser via incorrect autocomplete settings in New Content Backup page. IBM X-Force ID: 172130. ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:13 | 回复:0
  • CVE-2019-4723
    CVE漏洞
    CVE-2019-4723
    IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain credentials from a user's browser via incorrect autocomplete settings in New Data Server Connection page. IBM X-Force ID: ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:18 | 回复:0
  • CVE-2019-4722
    CVE漏洞
    CVE-2019-4722
    IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information via a stack trace due to mishandling of certain error conditions. IBM X-Force ID: 172128.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:36 | 回复:0
  • CVE-2019-4653
    CVE漏洞
    CVE-2019-4653
    IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:29 | 回复:0
  • CVE-2019-4471
    CVE漏洞
    CVE-2019-4471
    IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for a sensitive cookie in an HTTPS session. A remote atta ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:20 | 回复:0
  • CVE-2021-23021
    CVE漏洞
    CVE-2021-23021
    The Nginx Controller 3.x before 3.7.0 agent configuration file /etc/controller-agent/agent.conf is world readable with current permission bits set to 644.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:24 | 回复:0
  • CVE-2021-23020
    CVE漏洞
    CVE-2021-23020
    The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and hashing algorithm which could lead to predictable keys.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:18 | 回复:0
  • CVE-2021-23019
    CVE漏洞
    CVE-2021-23019
    The NGINX Controller 2.0.0 thru 2.9.0 and 3.x before 3.15.0 Administrator password may be exposed in the systemd.txt file that is included in the NGINX support package.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:19 | 回复:0
  • CVE-2021-23017
    CVE漏洞
    CVE-2021-23017
    A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process cras ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:14 | 回复:0
  • CVE-2021-27828
    CVE漏洞
    CVE-2021-27828
    SQL injection in In4Suite ERP 3.2.74.1370 allows attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:25 | 回复:0
  • CVE-2021-25932
    CVE漏洞
    CVE-2021-25932
    In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1. ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:14 | 回复:0
  • CVE-2021-23018
    CVE漏洞
    CVE-2021-23018
    Intra-cluster communication does not use TLS. The services within the NGINX Controller 3.x before 3.4.0 namespace are using cleartext protocols inside the cluster.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:40 | 阅读:29 | 回复:0
  • CVE-2021-28280
    CVE漏洞
    CVE-2021-28280
    CSRF + Cross-site scripting (XSS) vulnerability in search.php in PHPFusion 9.03.110 allows remote attackers to inject arbitrary web script or HTML……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:41 | 回复:0
  • CVE-2021-27651
    CVE漏洞
    CVE-2021-27651
    In versions 8.2.1 through 8.5.2 of Pega Infinity, the password reset functionality for local accounts can be used to bypass local authentication checks.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:37 | 回复:0
  • CVE-2021-20095
    CVE漏洞
    CVE-2021-20095
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:39 | 回复:0
  • CVE-2021-20092
    CVE漏洞
    CVE-2021-20092
    The web interfaces of Buffalo WSR-2533DHPL2 firmware version = 1.02 and WSR-2533DHP3 firmware version = 1.24 do not properly restrict access to sensitive information from an unauthorized actor.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:29 | 回复:0
  • CVE-2021-20091
    CVE漏洞
    CVE-2021-20091
    The web interfaces of Buffalo WSR-2533DHPL2 firmware version = 1.02 and WSR-2533DHP3 firmware version = 1.24 do not properly sanitize user input. An authenticated remote attacker could leverage this v ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:38 | 回复:0
  • CVE-2021-20090
    CVE漏洞
    CVE-2021-20090
    A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version = 1.02 and WSR-2533DHP3 firmware version = 1.24 could allow unauthenticated remote attackers to bypass au ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:38 | 回复:0
  • CVE-2020-22002
    CVE漏洞
    CVE-2020-22002
    An Unauthenticated Server-Side Request Forgery (SSRF) vulnerability exists in Inim Electronics Smartliving SmartLAN/G/SI =6.x within the GetImage functionality. The application parses user supplied da ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:37 | 回复:0
  • CVE-2020-21997
    CVE漏洞
    CVE-2020-21997
    Smartwares HOME easy =1.0.9 is vulnerable to an unauthenticated database backup download and information disclosure vulnerability. An attacker could disclose sensitive and clear-text information resul ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:27 | 回复:0
  • CVE-2020-21995
    CVE漏洞
    CVE-2020-21995
    Inim Electronics Smartliving SmartLAN/G/SI =6.x uses default hardcoded credentials. An attacker could exploit this to gain Telnet, SSH and FTP access to the system.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:34 | 回复:0
  • CVE-2020-21992
    CVE漏洞
    CVE-2020-21992
    Inim Electronics SmartLiving SmartLAN/G/SI =6.x suffers from an authenticated remote command injection vulnerability. The issue exist due to the 'par' POST parameter not being sanitized when c ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:24 | 回复:0
  • CVE-2021-29141
    CVE漏洞
    CVE-2021-29141
    A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:50 | 回复:0
  • CVE-2021-29139
    CVE漏洞
    CVE-2021-29139
    A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy M ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:35 | 回复:0
  • CVE-2020-21990
    CVE漏洞
    CVE-2020-21990
    Emmanuel MyDomoAtHome (MDAH) REST API REST API Domoticz ISS Gateway 0.2.40 is affected by an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:46 | 回复:0
  • CVE-2021-29142
    CVE漏洞
    CVE-2021-29142
    A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy M ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:54 | 回复:0
  • CVE-2021-29140
    CVE漏洞
    CVE-2021-29140
    A remote XML external entity (XXE) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy M ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:32 | 回复:0
  • CVE-2021-29138
    CVE漏洞
    CVE-2021-29138
    A remote disclosure of privileged information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPas ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:26 | 回复:0
  • CVE-2021-29147
    CVE漏洞
    CVE-2021-29147
    A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:26 | 回复:0
  • CVE-2021-29146
    CVE漏洞
    CVE-2021-29146
    A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy M ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:29 | 回复:0
  • CVE-2021-29145
    CVE漏洞
    CVE-2021-29145
    A remote server side request forgery (SSRF) remote code execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patche ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:46 | 回复:0
  • CVE-2021-29144
    CVE漏洞
    CVE-2021-29144
    A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:40 | 回复:0
  • CVE-2021-29137
    CVE漏洞
    CVE-2021-29137
    A remote URL redirection vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this se ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:28 | 回复:0
  • CVE-2021-25167
    CVE漏洞
    CVE-2021-25167
    A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address thi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:38 | 回复:0
  • CVE-2021-25166
    CVE漏洞
    CVE-2021-25166
    A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address thi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:21 | 回复:0
  • CVE-2021-25163
    CVE漏洞
    CVE-2021-25163
    A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address thi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:25 | 回复:0
  • CVE-2021-31879
    CVE漏洞
    CVE-2021-31879
    GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:39 | 阅读:35 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap