漏洞 - 第84页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2022-33114

Jfinal CMS v5.1.0 was discovered to contain a SQL injection vulnerability via the attrVal parameter at /jfinal_cms/system/dict/list.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:59 | 阅读：42 | 回复：0
CVE漏洞

CVE-2022-33113

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:59 | 阅读：45 | 回复：0
CVE漏洞

CVE-2022-33105

Redis v7.0 was discovered to contain a memory leak via the component streamGetEdgeID.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:59 | 阅读：44 | 回复：0
CVE漏洞

CVE-2022-33097

74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/campus/campus_job.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:59 | 阅读：48 | 回复：0
CVE漏洞

CVE-2022-33096

74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/resume/index.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:59 | 阅读：44 | 回复：0
CVE漏洞

CVE-2022-33095

74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:59 | 阅读：43 | 回复：0
CVE漏洞

CVE-2022-33094

74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/map.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:59 | 阅读：40 | 回复：0
CVE漏洞

CVE-2022-33093

74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the key parameter at /freelance/resume_list.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:59 | 阅读：41 | 回复：0
CVE漏洞

CVE-2022-33092

74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/index.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:58 | 阅读：38 | 回复：0
CVE漏洞

CVE-2022-33070

Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Ser ...……

作者：菜鸟教程小白 | 时间：2022-7-7 07:58 | 阅读：46 | 回复：0
CVE漏洞

CVE-2022-33069

Ethereum Solidity v0.8.14 contains an assertion failure via SMTEncoder::indexOrMemberAssignment() at SMTEncoder.cpp.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:58 | 阅读：41 | 回复：0
CVE漏洞

CVE-2022-33068

An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:58 | 阅读：40 | 回复：0
CVE漏洞

CVE-2022-33067

Lrzip v0.651 was discovered to contain multiple invalid arithmetic shifts via the functions get_magic in lrzip.c and Predictor::init in libzpaq/libzpaq.cpp. These vulnerabilities allow attackers to ca ...……

作者：菜鸟教程小白 | 时间：2022-7-7 07:58 | 阅读：52 | 回复：0
CVE漏洞

CVE-2022-33034

LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:58 | 阅读：44 | 回复：0
CVE漏洞

CVE-2022-33033

LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:58 | 阅读：48 | 回复：0
CVE漏洞

CVE-2022-33032

LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:58 | 阅读：47 | 回复：0
CVE漏洞

CVE-2022-33028

LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:57 | 阅读：46 | 回复：0
CVE漏洞

CVE-2022-33027

LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:57 | 阅读：47 | 回复：0
CVE漏洞

CVE-2022-33026

LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:57 | 阅读：50 | 回复：0
CVE漏洞

CVE-2022-33025

LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:57 | 阅读：47 | 回复：0
CVE漏洞

CVE-2022-33024

There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *' failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608. ...……

作者：菜鸟教程小白 | 时间：2022-7-7 07:57 | 阅读：51 | 回复：0
CVE漏洞

CVE-2022-32554

Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Puri ...……

作者：菜鸟教程小白 | 时间：2022-7-7 07:57 | 阅读：40 | 回复：0
CVE漏洞

CVE-2022-32553

Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Puri ...……

作者：菜鸟教程小白 | 时间：2022-7-7 07:57 | 阅读：47 | 回复：0
CVE漏洞

CVE-2022-32552

Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Puri ...……

作者：菜鸟教程小白 | 时间：2022-7-7 07:56 | 阅读：44 | 回复：0
CVE漏洞

CVE-2022-32536

The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administ ...……

作者：菜鸟教程小白 | 时间：2022-7-7 07:56 | 阅读：50 | 回复：0
CVE漏洞

CVE-2022-32535

The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:56 | 阅读：47 | 回复：0
CVE漏洞

CVE-2022-32534

The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell com ...……

作者：菜鸟教程小白 | 时间：2022-7-7 07:56 | 阅读：51 | 回复：0
CVE漏洞

CVE-2022-32131

74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /index/notice/show.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:56 | 阅读：51 | 回复：0
CVE漏洞

CVE-2022-32130

74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/down_resume/total/nature.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:56 | 阅读：48 | 回复：0
CVE漏洞

CVE-2022-32129

74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/account/safety/trade.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:56 | 阅读：55 | 回复：0
CVE漏洞

CVE-2022-32128

74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/service/increment/add/im.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:56 | 阅读：60 | 回复：0
CVE漏洞

CVE-2022-32127

74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/view_be_browsed/total.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:55 | 阅读：62 | 回复：0
CVE漏洞

CVE-2022-32126

74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:55 | 阅读：51 | 回复：0
CVE漏洞

CVE-2022-32125

74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /job.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:55 | 阅读：48 | 回复：0
CVE漏洞

CVE-2022-32124

74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component /index/jobfairol/show/.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:55 | 阅读：58 | 回复：0
CVE漏洞

CVE-2022-31787

IdeaTMS 2022 is vulnerable to SQL Injection via the PATH_INFO……

作者：菜鸟教程小白 | 时间：2022-7-7 07:55 | 阅读：50 | 回复：0
CVE漏洞

CVE-2022-31395

Algo Communication Products Ltd. 8373 IP Zone Paging Adapter Firmware 1.7.6 allows attackers to perform a directory traversal via a web request sent to /fm-data.lua.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:55 | 阅读：62 | 回复：0
CVE漏洞

CVE-2022-31362

** UNSUPPORTED WHEN ASSIGNED ** Docebo Community Edition v4.0.5 and below was discovered to contain an arbitrary file upload vulnerability. NOTE: This vulnerability only affects products that are no l ...……

作者：菜鸟教程小白 | 时间：2022-7-7 07:55 | 阅读：60 | 回复：0
CVE漏洞

CVE-2022-31361

** UNSUPPORTED WHEN ASSIGNED ** Docebo Community Edition v4.0.5 and below was discovered to contain a SQL injection vulnerability. NOTE: This vulnerability only affects products that are no longer sup ...……

作者：菜鸟教程小白 | 时间：2022-7-7 07:55 | 阅读：64 | 回复：0
CVE漏洞

CVE-2022-29526

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.……

作者：菜鸟教程小白 | 时间：2022-7-7 07:54 | 阅读：66 | 回复：0