漏洞 - 第829页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-24250

The Business Directory Plugin â€“ Easy Listing Directories for WordPress WordPress plugin before 5.11.2 suffered from lack of sanitisation in the label of the Form Fields, leading to Authenticated ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-24249

The Business Directory Plugin â€“ Easy Listing Directories for WordPress WordPress plugin before 5.11.2 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in ad ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-24248

The Business Directory Plugin â€“ Easy Listing Directories for WordPress WordPress plugin before 5.11.1 did not properly check for imported files, forbidding certain extension via a blacklist appro ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-24247

The Contact Form Check Tester WordPress plugin through 1.0.2 settings are visible to all registered users in the dashboard and are lacking any sanitisation. As a result, any registered user, such as s ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-24246

The Workscout Core WordPress plugin before 1.3.4, used by the WorkScout Theme did not sanitise the chat messages sent via the workscout_send_message_chat AJAX action, leading to Stored Cross-Site Scri ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-24245

The Stop Spammers WordPress plugin before 2021.9 did not escape user input when blocking requests (such as matching a spam word), outputting it in an attribute after sanitising it to remove HTML tags, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-24244

An AJAX action registered by the WPBakery Page Builder (Visual Composer) Clipboard WordPress plugin before 4.5.8 did not have capability checks, allowing low privilege users, such as subscribers, to u ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-24243

An AJAX action registered by the WPBakery Page Builder (Visual Composer) Clipboard WordPress plugin before 4.5.6 did not have capability checks nor sanitization, allowing low privilege users (subscrib ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-24236

The Imagements WordPress plugin through 1.2.5 allows images to be uploaded in comments, however only checks for the Content-Type in the request to forbid dangerous files. This allows unauthenticated a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-24214

The OpenID Connect Generic Client WordPress plugin 3.8.0 and 3.8.1 did not sanitise the login error when output back in the login form, leading to a reflected Cross-Site Scripting issue. This issue do ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-24179

The Business Directory Plugin â€“ Easy Listing Directories for WordPress WordPress plugin before 5.11 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in admi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：43 | 回复：0
CVE漏洞

CVE-2021-24178

The Business Directory Plugin â€“ Easy Listing Directories for WordPress WordPress plugin before 5.11.1 suffered from Cross-Site Request Forgery issues, allowing an attacker to make a logged in adm ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-22211

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7. GitLab Dependency Proxy, under certain circumstances, can impersonate a user resulting in possibly incorrect acc ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-21550

Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability can allow an authenticated user with ISI_PRIV_LOGIN ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-21527

Dell PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability may allow an authenticated user with ISI_PRIV_LOGIN_SSH ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-21505

Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an undocumented default iDRAC account. A remote unauthenticated attacker, with the knowledge of the default cre ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-1535

A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-1532

A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, remote attacker to read arbitrary fi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-1530

A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote attacker to access sensitive information or cause a partial den ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-1521

A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause an affected IP camera to r ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-1520

A vulnerability in the internal message processing of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, local attacker to run arbitrary commands with ro ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-1519

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to overwrite VPN profiles on an affecte ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-1516

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appl ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-1515

A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to gain access to sensitive information. This vulnerability is due to improper access controls on API ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-1514

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating s ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-1513

A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vuln ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-1512

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-1511

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-1510

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-1509

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-1508

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-1507

A vulnerability in an API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the application web-base ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-1506

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-1505

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-1499

A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device. This vulnerability is d ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-1498

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. Fo ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:39 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-21226

Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:38 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-21225

Out of bounds memory access in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:38 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-21224

Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:38 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-21223

Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:38 | 阅读：11 | 回复：0