• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2021-29009
    CVE漏洞
    CVE-2021-29009
    A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the type parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:19 | 回复:0
  • CVE-2021-29008
    CVE漏洞
    CVE-2021-29008
    A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via webmaster-tools.php in the to_time parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:14 | 回复:0
  • CVE-2021-27454
    CVE漏洞
    CVE-2021-27454
    The software performs an operation at a privilege level higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses on the Reason DR60 (all f ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:12 | 回复:0
  • CVE-2021-27452
    CVE漏洞
    CVE-2021-27452
    The software contains a hard-coded password that could allow an attacker to take control of the merging unit using these hard-coded credentials on the MU320E (all firmware versions prior to v04A00.1).……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:22 | 回复:0
  • CVE-2021-27450
    CVE漏洞
    CVE-2021-27450
    SSH server configuration file does not implement some best practices. This could lead to a weakening of the SSH protocol strength, which could lead to additional misconfiguration or be leveraged as pa ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:12 | 回复:0
  • CVE-2021-27448
    CVE漏洞
    CVE-2021-27448
    A miscommunication in the file system allows adversaries with access to the MU320E to escalate privileges on the MU320E (all firmware versions prior to v04A00.1).……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:16 | 回复:0
  • CVE-2021-27440
    CVE漏洞
    CVE-2021-27440
    The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions prior to 02A04.1).……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:23 | 回复:0
  • CVE-2021-27438
    CVE漏洞
    CVE-2021-27438
    The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions prior to 02A04.1).……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:17 | 回复:0
  • CVE-2021-22889
    CVE漏洞
    CVE-2021-22889
    Revive Adserver before v5.2.0 is vulnerable to a reflected XSS vulnerability in the `statsBreakdown` parameter of stats.php (and possibly other scripts) due to single quotes not being escaped. An atta ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:18 | 回复:0
  • CVE-2021-22888
    CVE漏洞
    CVE-2021-22888
    Revive Adserver before v5.2.0 is vulnerable to a reflected XSS vulnerability in the `status` parameter of campaign-zone-zones.php. An attacker could trick a user with access to the user interface of a ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:29 | 回复:0
  • CVE-2020-10584
    CVE漏洞
    CVE-2020-10584
    A directory traversal on the /admin/search_by.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to read arbitrary server files accessible to the user running t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:22 | 回复:0
  • CVE-2020-10583
    CVE漏洞
    CVE-2020-10583
    The /admin/admapi.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary OS commands on the server as the user running the applic ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:24 | 回复:0
  • CVE-2020-10582
    CVE漏洞
    CVE-2020-10582
    A SQL injection on the /admin/display_errors.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to execute arbitrary SQL requests (including data reading and mo ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:21 | 回复:0
  • CVE-2020-10581
    CVE漏洞
    CVE-2020-10581
    Multiple session validity check issues in several administration functionalities of Invigo Automatic Device Management (ADM) through 5.0 allow remote attackers to read potentially sensitive data hoste ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:31 | 回复:0
  • CVE-2020-10580
    CVE漏洞
    CVE-2020-10580
    A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary PHP code on the server as the ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:33 | 回复:0
  • CVE-2020-10579
    CVE漏洞
    CVE-2020-10579
    A directory traversal on the /admin/sysmon.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to list the content of arbitrary server directories accessible to ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:36 | 回复:0
  • CVE-2021-3467
    CVE漏洞
    CVE-2021-3467
    A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could ca ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:31 | 回复:0
  • CVE-2021-3466
    CVE漏洞
    CVE-2021-3466
    A flaw was found in libmicrohttpd. A missing bounds check in the post_process_urlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary data in an application that ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:34 | 回复:0
  • CVE-2021-3446
    CVE漏洞
    CVE-2021-3446
    A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms with OpenSSL contained a vulnerability related to the returned IV (initialization vector) when certain sy ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:21 | 回复:0
  • CVE-2021-3443
    CVE漏洞
    CVE-2021-3443
    A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an appli ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:15 | 回复:0
  • CVE-2021-29096
    CVE漏洞
    CVE-2021-29096
    A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allows an unauthenticated at ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:25 | 回复:0
  • CVE-2021-27195
    CVE漏洞
    CVE-2021-27195
    Improper Authorization vulnerability in Netop Vision Pro up to and including to 9.7.1 allows an attacker to replay network traffic.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:42 | 回复:0
  • CVE-2021-27194
    CVE漏洞
    CVE-2021-27194
    Cleartext transmission of sensitive information in Netop Vision Pro up to and including 9.7.1 allows a remote unauthenticated attacker to gather credentials including Windows login usernames and passw ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:35 | 回复:0
  • CVE-2021-27193
    CVE漏洞
    CVE-2021-27193
    Incorrect default permissions vulnerability in the API of Netop Vision Pro up to and including 9.7.1 allows a remote unauthenticated attacker to read and write files on the remote machine with system ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:36 | 回复:0
  • CVE-2021-27192
    CVE漏洞
    CVE-2021-27192
    Local privilege escalation vulnerability in Windows clients of Netop Vision Pro up to and including 9.7.1 allows a local user to gain administrator privileges whilst using the clients.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:35 | 回复:0
  • CVE-2021-26597
    CVE漏洞
    CVE-2021-26597
    An issue was discovered in Nokia NetAct 18A. A remote user, authenticated to the NOKIA NetAct Web Page, can visit the Site Configuration Tool web site section and arbitrarily upload potentially danger ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:23 | 回复:0
  • CVE-2021-26596
    CVE漏洞
    CVE-2021-26596
    An issue was discovered in Nokia NetAct 18A. A malicious user can change a filename of an uploaded file to include JavaScript code, which is then stored and executed by a victim's web browser. The ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:27 | 回复:0
  • CVE-2021-20217
    CVE漏洞
    CVE-2021-20217
    A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system av ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:17 | 回复:0
  • CVE-2021-20216
    CVE漏洞
    CVE-2021-20216
    A flaw was found in Privoxy in versions before 3.0.31. A memory leak that occurs when decompression fails unexpectedly may lead to a denial of service. The highest threat from this vulnerability is to ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:21 | 回复:0
  • CVE-2021-20215
    CVE漏洞
    CVE-2021-20215
    A flaw was found in Privoxy in versions before 3.0.29. Memory leaks in the show-status CGI handler when memory allocations fail can lead to a system crash.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:13 | 回复:0
  • CVE-2021-20214
    CVE漏洞
    CVE-2021-20214
    A flaw was found in Privoxy in versions before 3.0.29. Memory leaks in the client-tags CGI handler when client tags are configured and memory allocations fail can lead to a system crash.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:17 | 回复:0
  • CVE-2021-20213
    CVE漏洞
    CVE-2021-20213
    A flaw was found in Privoxy in versions before 3.0.29. Dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destinat ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:19 | 回复:0
  • CVE-2021-20212
    CVE漏洞
    CVE-2021-20212
    A flaw was found in Privoxy in versions before 3.0.29. Memory leak if multiple filters are executed and the last one is skipped due to a pcre error leading to a system crash.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:23 | 回复:0
  • CVE-2021-20211
    CVE漏洞
    CVE-2021-20211
    A flaw was found in Privoxy in versions before 3.0.29. Memory leak when client tags are active can cause a system crash.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:16 | 回复:0
  • CVE-2021-20210
    CVE漏洞
    CVE-2021-20210
    A flaw was found in Privoxy in versions before 3.0.29. Memory leak in the show-status CGI handler when no filter files are configured can lead to a system crash.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:24 | 回复:0
  • CVE-2020-35502
    CVE漏洞
    CVE-2020-35502
    A flaw was found in Privoxy in versions before 3.0.29. Memory leaks when a response is buffered and the buffer limit is reached or Privoxy is running out of memory can lead to a system crash.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:33 | 回复:0
  • CVE-2021-25368
    CVE漏洞
    CVE-2021-25368
    Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:40 | 回复:0
  • CVE-2021-25367
    CVE漏洞
    CVE-2021-25367
    Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:25 | 回复:0
  • CVE-2021-25366
    CVE漏洞
    CVE-2021-25366
    Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:26 | 回复:0
  • CVE-2021-25355
    CVE漏洞
    CVE-2021-25355
    Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:26 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap