漏洞 - 第957页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2020-28596

A stack-based buffer overflow vulnerability exists in the Objparser::objparse() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted obj file can lead t ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：27 | 回复：0
CVE漏洞

CVE-2020-28595

An out-of-bounds write vulnerability exists in the Obj.cpp load_obj() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted obj file can lead to code exe ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：29 | 回复：0
CVE漏洞

CVE-2020-27250

In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a static-sized bu ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：23 | 回复：0
CVE漏洞

CVE-2020-24842

PNPSCADA 2.200816204020 allows cross-site scripting (XSS), which can execute arbitrary JavaScript in the victim's browser.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：36 | 回复：0
CVE漏洞

CVE-2020-13585

An out-of-bounds write vulnerability exists in the PSD Header processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provid ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：28 | 回复：0
CVE漏洞

CVE-2020-13583

A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP reque ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：18 | 回复：0
CVE漏洞

CVE-2020-13581

In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a buffer that is ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：39 | 回复：0
CVE漏洞

CVE-2020-13572

A heap overflow vulnerability exists in the way the GIF parser decodes LZW compressed streams in Accusoft ImageGear 19.8. A specially crafted malformed file can trigger a heap overflow, which can resu ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：32 | 回复：0
CVE漏洞

CVE-2020-13571

An out-of-bounds write vulnerability exists in the SGI RLE decompression functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provid ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：28 | 回复：0
CVE漏洞

CVE-2020-13561

An out-of-bounds write vulnerability exists in the TIFF parser of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to tr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：49 | 回复：0
CVE漏洞

CVE-2020-8355

An internal product security audit of Lenovo XClarity Administrator (LXCA) prior to version 3.1.0 discovered the Windows OS credentials provided by the LXCA user to perform driver updates of managed s ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：37 | 回复：0
CVE漏洞

CVE-2021-21296

Fleet is an open source osquery manager. In Fleet before version 3.7.0 a malicious actor with a valid node key can send a badly formatted request that causes the Fleet server to exit, resulting in den ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：33 | 回复：0
CVE漏洞

CVE-2020-16120

Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were all ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：23 | 回复：0
CVE漏洞

CVE-2020-13578

A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：35 | 回复：0
CVE漏洞

CVE-2020-13577

A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：36 | 回复：0
CVE漏洞

CVE-2020-13576

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HT ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：36 | 回复：0
CVE漏洞

CVE-2020-13575

A denial-of-service vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTT ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：24 | 回复：0
CVE漏洞

CVE-2020-13574

A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：24 | 回复：0
CVE漏洞

CVE-2020-13565

An open redirect vulnerability exists in the return_page redirection functionality of phpGACL 3.3.7, OpenEMR 5.0.2 and OpenEMR development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6c ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：27 | 回复：0
CVE漏洞

CVE-2020-13548

In Foxit Reader 10.1.0.37527, a specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the m ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-27179

An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to crash the telnet daemon by sending a certain 0a 65 6e 61 62 6c 65 0a 02 0a 1a 0a string.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-27178

An issue was discovered on FiberHome HG6245D devices through RP2613. Some passwords are stored in cleartext in nvram.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-27177

An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to bypass authentication by sending the decoded value of the GgpoZWxwCmxpc3QKd2hvCg== string to the telnet server.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：54 | 回复：0
CVE漏洞

CVE-2021-27176

An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_5g.cfg has cleartext passwords and 0644 permissions.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-27175

An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_2g.cfg has cleartext passwords and 0644 permissions.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-27174

An issue was discovered on FiberHome HG6245D devices through RP2613. wifi_custom.cfg has cleartext passwords and 0644 permissions.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-27173

An issue was discovered on FiberHome HG6245D devices through RP2613. There is a telnet?enable=0key=calculated(BR0_MAC) backdoor API, without authentication, provided by the HTTP server. This will remo ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-27172

An issue was discovered on FiberHome HG6245D devices through RP2613. A hardcoded GEPON password for root is defined inside /etc/init.d/system-config.sh.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-27171

An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to start a Linux telnetd as root on port 26/tcp by using the CLI interface commands of ddd and shell (or tshell).……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-27170

An issue was discovered on FiberHome HG6245D devices through RP2613. By default, there are no firewall rules for IPv6 connectivity, exposing the internal management interfaces to the Internet.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：45 | 回复：0
CVE漏洞

CVE-2021-27169

An issue was discovered on FiberHome AN5506-04-FA devices with firmware RP2631. There is a gepon password for the gepon account.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-27168

An issue was discovered on FiberHome HG6245D devices through RP2613. There is a 6GFJdY4aAuUKJjdtSn7d password for the rdsadmin account.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-27167

An issue was discovered on FiberHome HG6245D devices through RP2613. There is a password of four hexadecimal characters for the admin account. These characters are generated in init_3bb_password in li ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-27166

An issue was discovered on FiberHome HG6245D devices through RP2613. The password for the enable command is gpon.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-27165

An issue was discovered on FiberHome HG6245D devices through RP2613. The telnet daemon on port 23/tcp can be abused with the gpon/gpon credentials.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-27164

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / aisadmin credentials for an ISP.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-27163

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / tele1234 credentials for an ISP.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-27162

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / tattoo@home credentials for an ISP.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：40 | 回复：0
CVE漏洞

CVE-2021-23928

OX App Suite through 7.10.3 allows XSS via the ajax/apps/manifests query string.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：59 | 回复：0
CVE漏洞

CVE-2021-23927

OX App Suite through 7.10.4 allows SSRF via a URL with an @ character in an appsuite/api/oauth/proxy PUT request.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：56 | 回复：0