
Vulnerabilities


Subcategories:

  • CVE-2020-21987
    HomeAutomation 3.3.2 is affected by persistent Cross Site Scripting (XSS). XSS vulnerabilities occur when input passed via several parameters to several scripts is not properly sanitized before being ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 8 | Replies: 0
  • CVE-2021-29667
    IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper vali ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 10 | Replies: 0
  • CVE-2021-29666
    IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 15 | Replies: 0
  • CVE-2021-20550
    IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentiall ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 13 | Replies: 0
  • CVE-2021-20549
    IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentiall ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 22 | Replies: 0
  • CVE-2021-20448
    IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentiall ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 7 | Replies: 0
  • CVE-2020-4981
    IBM Spectrum Scale 5.0.4.1 through 5.1.0.3 could allow a local privileged user to overwrite files due to improper input validation. IBM X-Force ID: 192541.
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 12 | Replies: 0
  • CVE-2021-3464
    A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252, that could allow privilege escalation.
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 11 | Replies: 0
  • CVE-2021-3451
    A denial of service vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252, that could allow configuration files to be written to non-standard locations.
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 20 | Replies: 0
  • CVE-2021-30642
    An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arb ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 8 | Replies: 0
  • CVE-2021-28269
    Soyal Technology 701Client 9.0.1 is vulnerable to Insecure permissions via client.exe binary with Authenticated Users group with Full permissions.
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 10 | Replies: 0
  • CVE-2021-28271
    Soyal Technologies SOYAL 701Server 9.0.1 suffers from an elevation of privileges vulnerability which can be used by an authenticated user to change the executable file with a binary choice. The vulner ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 16 | Replies: 0
  • CVE-2021-22664
    CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code.
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 10 | Replies: 0
  • CVE-2021-22660
    CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 8 | Replies: 0
  • CVE-2021-27480
    Delta Industrial Automation COMMGR Versions 1.12 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute remote code.
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 18 | Replies: 0
  • CVE-2020-35542
    Unisys Data Exchange Management Studio through 5.0.34 doesn't sanitize the input to a HTML document field. This could be used for an XSS attack.
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 14 | Replies: 0
  • CVE-2021-28125
    Apache Superset up to and including 1.0.1 allowed for the creation of an external URL that could be malicious. By not checking user input for open redirects the URL shortener functionality would allow ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 11 | Replies: 0
  • CVE-2020-17517
    The S3 buckets and keys in a secure Apache Ozone Cluster must be inaccessible to anonymous access by default. The current security vulnerability allows access to keys and buckets through a curl comman ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 10 | Replies: 0
  • CVE-2021-20715
    Improper access control vulnerability in Hot Pepper Gourmet App for Android ver.4.111.0 and earlier, and for iOS ver.4.111.0 and earlier allows a remote attacker to lead a user to access an arbitrary ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 18 | Replies: 0
  • CVE-2021-20714
    Directory traversal vulnerability in WP Fastest Cache versions prior to 0.9.1.7 allows a remote attacker with administrator privileges to delete arbitrary files on the server via unspecified vectors.
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 14 | Replies: 0
  • CVE-2019-25042
    ** DISPUTED ** Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a ru ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 15 | Replies: 0
  • CVE-2019-25041
    ** DISPUTED ** Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 22 | Replies: 0
  • CVE-2019-25040
    ** DISPUTED ** Unbound before 1.9.5 allows an infinite loop via a compressed name in dname_pkt_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a runn ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 14 | Replies: 0
  • CVE-2019-25039
    ** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in a size calculation in respip/respip.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 12 | Replies: 0
  • CVE-2019-25038
    ** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 6 | Replies: 0
  • CVE-2019-25037
    ** DISPUTED ** Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet. NOTE: The vendor disputes that this is a vulnerability. Although the code ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 17 | Replies: 0
  • CVE-2019-25036
    ** DISPUTED ** Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a run ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 6 | Replies: 0
  • CVE-2019-25035
    ** DISPUTED ** Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unboun ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 15 | Replies: 0
  • CVE-2019-25034
    ** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write. NOTE: The vendor disputes that this is a vulnerability. Although t ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 12 | Replies: 0
  • CVE-2019-25033
    ** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulner ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 18 | Replies: 0
  • CVE-2019-25032
    ** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 5 | Replies: 0
  • CVE-2019-25031
    ** DISPUTED ** Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. NOTE: The vendor does no ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 9 | Replies: 0
  • CVE-2021-31826
    Shibboleth Service Provider 3.x before 3.2.2 is prone to a NULL pointer dereference flaw involving the session recovery feature. The flaw is exploitable (for a daemon crash) on systems not using this ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 12 | Replies: 0
  • CVE-2021-31671
    pgsync before 0.6.7 is affected by Information Disclosure of sensitive information. Syncing the schema with the --schema-first and --schema-only options is mishandled. For example, the sslmode connect ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 22 | Replies: 0
  • CVE-2021-30635
    Sonatype Nexus Repository Manager 3.x before 3.30.1 allows a remote attacker to get a list of files and directories that exist in a UI-related folder via directory traversal (no customer-specific data ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 13 | Replies: 0
  • CVE-2021-30165
    The default administrator account password of the EDIMAX wireless network camera is hard-coded. Remote attackers can disassemble firmware to obtain the privileged permission and further control the d ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 26 | Replies: 0
  • CVE-2021-29474
    HedgeDoc (formerly known as CodiMD) is an open-source collaborative markdown editor. An attacker can read arbitrary `.md` files from the server's filesystem due to an improper input validation, wh ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 14 | Replies: 0
  • CVE-2021-31784
    An out-of-bounds write vulnerability exists in the file-reading procedure in Open Design Alliance Drawings SDK before 2021.6 on all supported by ODA platforms in static configuration. This can allow a ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 15 | Replies: 0
  • CVE-2021-31783
    show_default.php in the LocalFilesEditor extension before 11.4.0.1 for Piwigo allows Local File Inclusion because the file parameter is not validated with a proper regular-expression check.
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 17 | Replies: 0
  • CVE-2021-31646
    Gestsup before 3.2.10 allows account takeover through the password recovery functionality (remote). The affected component is the file forgot_pwd.php - it uses a weak algorithm for the generation of p ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:39 | Views: 16 | Replies: 0
