• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2021-21413
    CVE漏洞
    CVE-2021-21413
    isolated-vm is a library for nodejs which gives you access to v8's Isolate interface. Versions of isolated-vm before v4.0.0 have API pitfalls which may make it easy for implementers to expose supp ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:46 | 回复:0
  • CVE-2020-24995
    CVE漏洞
    CVE-2020-24995
    Buffer overflow vulnerability in sniff_channel_order function in aacdec_template.c in ffmpeg 3.1.2, allows attackers to execute arbitrary code (local).……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:30 | 回复:0
  • CVE-2021-29650
    CVE漏洞
    CVE-2021-29650
    An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:37 | 回复:0
  • CVE-2021-29649
    CVE漏洞
    CVE-2021-29649
    An issue was discovered in the Linux kernel before 5.11.11. The user mode driver (UMD) has a copy_process() memory leak, related to a lack of cleanup steps in kernel/usermode_driver.c and kernel/bpf/p ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:49 | 回复:0
  • CVE-2021-29648
    CVE漏洞
    CVE-2021-29648
    An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolved_ids and resolved_sizes are intentionally uninitialized in the vmlinux BPF Type Fo ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:42 | 回复:0
  • CVE-2021-29647
    CVE漏洞
    CVE-2021-29647
    An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized dat ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:48 | 回复:0
  • CVE-2021-29646
    CVE漏洞
    CVE-2021-29646
    An issue was discovered in the Linux kernel before 5.11.11. tipc_nl_retrieve_key in net/tipc/node.c does not properly validate certain data sizes, aka CID-0217ed2848e8.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:51 | 回复:0
  • CVE-2020-24391
    CVE漏洞
    CVE-2020-24391
    mongo-express before 1.0.0 offers support for certain advanced syntax but implements this in an unsafe way. NOTE: this may overlap CVE-2019-10769.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:37 | 回复:0
  • CVE-2021-29642
    CVE漏洞
    CVE-2021-29642
    GistPad before 0.2.7 allows a crafted workspace folder to change the URL for the Gist API, which leads to leakage of GitHub access tokens.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:63 | 回复:0
  • CVE-2021-3476
    CVE漏洞
    CVE-2021-3476
    A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:60 | 回复:0
  • CVE-2021-3475
    CVE漏洞
    CVE-2021-3475
    There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with app ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:52 | 回复:0
  • CVE-2021-3474
    CVE漏洞
    CVE-2021-3474
    There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:59 | 回复:0
  • CVE-2021-26579
    CVE漏洞
    CVE-2021-26579
    A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of privileged information (CWE-321: Use of Hard-coded Cryptographic Key in a product). HPE has provided u ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:34 | 回复:0
  • CVE-2021-21412
    CVE漏洞
    CVE-2021-21412
    Potential for arbitrary code execution in npm package @thi.ng/egf `#gpg`-tagged property values (only if `decrypt: true` option is enabled). PR with patch has been submitted and will has been released ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:42 | 回复:0
  • CVE-2021-20520
    CVE漏洞
    CVE-2021-20520
    IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:30 | 回复:0
  • CVE-2021-20518
    CVE漏洞
    CVE-2021-20518
    IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:30 | 回复:0
  • CVE-2021-20506
    CVE漏洞
    CVE-2021-20506
    IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:33 | 回复:0
  • CVE-2021-20504
    CVE漏洞
    CVE-2021-20504
    IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:41 | 回复:0
  • CVE-2021-20503
    CVE漏洞
    CVE-2021-20503
    IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:48 | 回复:0
  • CVE-2021-20502
    CVE漏洞
    CVE-2021-20502
    IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive informatio ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:42 | 回复:0
  • CVE-2021-20447
    CVE漏洞
    CVE-2021-20447
    IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:39 | 回复:0
  • CVE-2021-20352
    CVE漏洞
    CVE-2021-20352
    IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:36 | 回复:0
  • CVE-2021-21398
    CVE漏洞
    CVE-2021-21398
    PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.7.3, an attacker can inject HTML when the Grid Column Type DataColumn is badly used. The problem is fix ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:26 | 回复:0
  • CVE-2021-20482
    CVE漏洞
    CVE-2021-20482
    IBM Cloud Pak for Automation 20.0.2 and 20.0.3 IF002 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to exp ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:50 | 回复:0
  • CVE-2020-4944
    CVE漏洞
    CVE-2020-4944
    IBM UrbanCode Deploy (UCD) 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2, stores keystore passwords in plain text after a manual edit, which can be read by a local user. I ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:46 | 回复:0
  • CVE-2020-4884
    CVE漏洞
    CVE-2020-4884
    IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 190908.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:57 | 回复:0
  • CVE-2020-4848
    CVE漏洞
    CVE-2020-4848
    IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. IBM X-Force ID: 190293 ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:40 | 回复:0
  • CVE-2021-27271
    CVE漏洞
    CVE-2021-27271
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:41 | 回复:0
  • CVE-2021-27270
    CVE漏洞
    CVE-2021-27270
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:37 | 回复:0
  • CVE-2021-27269
    CVE漏洞
    CVE-2021-27269
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:35 | 回复:0
  • CVE-2021-27268
    CVE漏洞
    CVE-2021-27268
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:34 | 回复:0
  • CVE-2021-27267
    CVE漏洞
    CVE-2021-27267
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:41 | 回复:0
  • CVE-2021-27266
    CVE漏洞
    CVE-2021-27266
    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:38 | 回复:0
  • CVE-2021-27265
    CVE漏洞
    CVE-2021-27265
    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:41 | 回复:0
  • CVE-2021-27264
    CVE漏洞
    CVE-2021-27264
    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:46 | 回复:0
  • CVE-2021-27263
    CVE漏洞
    CVE-2021-27263
    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:44 | 回复:0
  • CVE-2021-27262
    CVE漏洞
    CVE-2021-27262
    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:31 | 回复:0
  • CVE-2021-27261
    CVE漏洞
    CVE-2021-27261
    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:24 | 回复:0
  • CVE-2021-23363
    CVE漏洞
    CVE-2021-23363
    This affects the package kill-by-port before 0.0.2. If (attacker-controlled) user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:25 | 回复:0
  • CVE-2021-21409
    CVE漏洞
    CVE-2021-21409
    Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers clients. In Netty (io.netty:netty-codec-http2) ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:55 | 阅读:43 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap