
Vulnerabilities


  • CVE-2021-27673
    Cross Site Scripting (XSS) in the admin_boxes.ajax.php component of Tribal Systems Zenario CMS v8.8.52729 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the cID par ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 12 | Replies: 0
  • CVE-2021-27672
    SQL Injection in the admin_boxes.ajax.php component of Tribal Systems Zenario CMS v8.8.52729 allows remote attackers to obtain sensitive database information by injecting SQL commands into the cID par ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 5 | Replies: 0
  • CVE-2021-21100
    Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to ach ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 5 | Replies: 0
  • CVE-2021-21096
    Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Improper Authorization vulnerability in the Genuine Software Service. A low-privileged attacker could leverage th ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 7 | Replies: 0
  • CVE-2021-21095
    Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vu ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 9 | Replies: 0
  • CVE-2021-21094
    Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds write vulnerability when parsing a specially crafted file. An unauthenticated attacker could levera ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 5 | Replies: 0
  • CVE-2021-21093
    Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 16 | Replies: 0
  • CVE-2021-21092
    Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 28 | Replies: 0
  • CVE-2021-21091
    Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vul ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 6 | Replies: 0
  • CVE-2021-21087
    Adobe Coldfusion versions 2016 (update 16 and earlier), 2018 (update 10 and earlier) and 2021.0.0.323925 are affected by an Improper Neutralization of Input During Web Page Generation ('Cross-site ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 10 | Replies: 0
  • CVE-2020-28593
    An unauthenticated backdoor exists in the configuration server functionality of Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to code execution. An attacker ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 11 | Replies: 0
  • CVE-2020-28592
    A heap-based buffer overflow vulnerability exists in the configuration server functionality of the Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to remote c ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 12 | Replies: 0
  • CVE-2020-27239
    An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The assetStatus parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 27 | Replies: 0
  • CVE-2020-27238
    An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The code parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection. An at ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 54 | Replies: 0
  • CVE-2020-27237
    An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The code parameter in the The nomenclature parameter in the getAssets.jsp page is vulnerable to un ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 30 | Replies: 0
  • CVE-2021-0488
    In pb_write of pb_encode.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User intera ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 27 | Replies: 0
  • CVE-2021-27545
    SQL Injection in the add-services.php component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 37 | Replies: 0
  • CVE-2021-27544
    Cross Site Scripting (XSS) in the add-services.php component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:35 | Views: 25 | Replies: 0
  • CVE-2021-27129
    CASAP Automated Enrollment System version 1.0 contains a cross-site scripting (XSS) vulnerability through the Students Edit ROUTE parameter.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 26 | Replies: 0
  • CVE-2021-27850
    A critical unauthenticated remote code execution vulnerability was found in all recent versions of Apache Tapestry. The affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. The vulnerability I have f ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 37 | Replies: 0
  • CVE-2021-23887
    Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to write to arbitrary controlled kernel addresse ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 14 | Replies: 0
  • CVE-2021-23886
    Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to cause a BSoD through suspending a process, modif ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 8 | Replies: 0
  • CVE-2021-23884
    Cleartext Transmission of Sensitive Information vulnerability in the ePO Extension of McAfee Content Security Reporter (CSR) prior to 2.8.0 allows an ePO administrator to view the unencrypted password ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 11 | Replies: 0
  • CVE-2020-7308
    Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence (GTI) servers using DNS al ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 7 | Replies: 0
  • CVE-2020-7270
    Exposure of Sensitive Information in the web interface in McAfee Advanced Threat Defense (ATD) prior to 4.12.2 allows remote authenticated users to view sensitive unencrypted information via a careful ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 7 | Replies: 0
  • CVE-2020-7269
    Exposure of Sensitive Information in the web interface in McAfee Advanced Threat Defense (ATD) prior to 4.12.2 allows remote authenticated users to view sensitive unencrypted information via a careful ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 9 | Replies: 0
  • CVE-2021-30487
    In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to move messages to streams in other organizations hosted by the same Zulip installation.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 9 | Replies: 0
  • CVE-2021-30479
    An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the all_public_streams API feature resulted in guest users being able to receive message traffic to public streams th ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 5 | Replies: 0
  • CVE-2021-30478
    An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the can_forge_sender permission (previously is_api_super_user) resulted in users with this permission being able to s ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 26 | Replies: 0
  • CVE-2021-30477
    An issue was discovered in Zulip Server before 3.4. A bug in the implementation of replies to messages sent by outgoing webhooks to private streams meant that an outgoing webhook bot could be used to ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 10 | Replies: 0
  • CVE-2021-26076
    The jira.editor.user.mode cookie set by the Jira Editor Plugin in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before version 8.13.4, and from version 8.14.0 before version 8. ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 18 | Replies: 0
  • CVE-2021-26075
    The Jira importers plugin AttachTemporaryFile rest resource in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before 8.13.4, and from version 8.14.0 before 8.15.1 allowed remote ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 17 | Replies: 0
  • CVE-2020-36288
    The issue navigation and search view in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before version 8.13.4, and from version 8.14.0 before version 8.15.1 allows remote attacke ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 17 | Replies: 0
  • CVE-2021-27183
    An issue was discovered in MDaemon before 20.0.4. Administrators can use Remote Administration to exploit an Arbitrary File Write vulnerability. An attacker is able to create new files in any location ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 22 | Replies: 0
  • CVE-2021-27182
    An issue was discovered in MDaemon before 20.0.4. There is an IFRAME injection vulnerability in Webmail (aka WorldClient). It can be exploited via an email message. It allows an attacker to perform an ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 30 | Replies: 0
  • CVE-2021-27181
    An issue was discovered in MDaemon before 20.0.4. Remote Administration allows an attacker to perform a fixation of the anti-CSRF token. In order to exploit this issue, the user has to click on a mali ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 18 | Replies: 0
  • CVE-2021-27180
    An issue was discovered in MDaemon before 20.0.4. There is Reflected XSS in Webmail (aka WorldClient). It can be exploited via a GET request. It allows performing any action with the privileges of the ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 35 | Replies: 0
  • CVE-2021-29449
    Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. Multiple privilege escalation vulnerabilities were discovered in version 5.2.4 of Pi-hole core. See the refere ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 12 | Replies: 0
  • CVE-2021-28157
    An SQL Injection issue in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows an administrative user to execute arbitrary SQL commands via a username in api/security/us ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 15 | Replies: 0
  • CVE-2021-28048
    An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows a remote attacker to leak cross-origin data via a crafted HTML page.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:34 | Views: 34 | Replies: 0
