CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-0674

The Kunze Law WordPress plugin before 2.1 does not escape its 'E-Mail Error From Address' settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even whe ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：56 | 回复：0
CVE-2022-0684

The WP Home Page Menu WordPress plugin before 3.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltere ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：73 | 回复：0
CVE-2022-0700

The Simple Tracking WordPress plugin before 1.7 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_ ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：83 | 回复：0
CVE-2022-0701

The SEO 301 Meta WordPress plugin through 1.9.1 does not escape its Request and Destination settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：85 | 回复：0
CVE-2022-0702

The Petfinder Listings WordPress plugin through 1.0.18 does not escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html c ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：105 | 回复：0
CVE-2022-0703

The GD Mylist WordPress plugin through 1.1.1 does not sanitise and escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilt ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：87 | 回复：0
CVE-2022-0960

Stored XSS viva .properties file upload in GitHub repository star7th/showdoc prior to 2.10.4.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：60 | 回复：0
CVE-2022-22734

The Simple Quotation WordPress plugin through 1.3.2 does not have CSRF check when creating or editing a quote and does not sanitise and escape Quotes. As a result, attacker could make a logged in admi ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：95 | 回复：0
CVE-2022-22735

The Simple Quotation WordPress plugin through 1.3.2 does not have authorisation (and CSRF) checks in various of its AJAX actions and is lacking escaping of user data when using it in SQL statements, a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：91 | 回复：0
CVE-2022-24577

GPAC 1.0.1 is affected by a NULL pointer dereference in gf_utf8_wcslen. (gf_utf8_wcslen is a renamed Unicode utf8_wcslen function.)……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：97 | 回复：0
CVE-2022-0962

Stored XSS viva .webma file upload in GitHub repository star7th/showdoc prior to 2.10.4.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：96 | 回复：0
CVE-2021-38971

IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an authorized user to bypass data masking rules and obtain sensitve information. IBM X-Force ID: 212620.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：117 | 回复：0
CVE-2021-39051

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to server-side request forgery, caused by improper input of application server registration function. A remote attacker could e ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：211 | 回复：0
CVE-2021-39055

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the int ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：107 | 回复：0
CVE-2022-22344

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct v ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：72 | 回复：0
CVE-2022-22346

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：61 | 回复：0
CVE-2022-22348

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse tabnabbing where it could allow a page linked to from within Operations Center to rewrite it. An administra ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：53 | 回复：0
CVE-2022-22353

IBM Big SQL on IBM Cloud Pak for Data 7.1.0, 7.1.1, 7.2.0, and 7.2.3 could allow an authenticated user with appropriate permissions to obtain sensitive information by bypassing data masking rules usin ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：50 | 回复：0
CVE-2022-22354

IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.2 and IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 do not limit the length of a connection which could allow for a Slowloris HTTP denial ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：51 | 回复：0
CVE-2022-21187

The package libvcs before 0.11.1 are vulnerable to Command Injection via argument injection. When calling the update_repo function (when using hg), the url parameter is passed to the hg clone command. ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：56 | 回复：0
CVE-2022-26320

The Rambus SafeZone Basic Crypto Module before 10.4.0, as used in certain Fujifilm (formerly Fuji Xerox) devices before 2022-03-01, Canon imagePROGRAF and imageRUNNER devices through 2022-03-14, and p ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：51 | 回复：0
CVE-2022-26351

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-26320. Reason: This candidate is a reservation duplicate of CVE-2022-26320. Notes: All CVE users should reference CVE-2022-26320 ins ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：61 | 回复：0
CVE-2022-20001

fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：100 | 回复：0
CVE-2022-24578

GPAC 1.0.1 is affected by a heap-based buffer overflow in SFS_AddString () at bifs/script_dec.c.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：61 | 回复：0
CVE-2022-24733

Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, it is possible for a page controlled by an attacker to load the website within an iframe. This will enable a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：59 | 回复：0
CVE-2022-24742

Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, any other user can view the data if browser tab remains unclosed after log out. The issue is fixed in versio ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：64 | 回复：0
CVE-2022-0943

Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：64 | 回复：0
CVE-2022-24743

Sylius is an open source eCommerce platform. Prior to versions 1.10.11 and 1.11.2, the reset password token was not set to null after the password was changed. The same token could be used several tim ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：107 | 回复：0
CVE-2022-24749

Sylius is an open source eCommerce platform. In versions prior to 1.9.10, 1.10.11, and 1.11.2, it is possible to upload an SVG file containing cross-site scripting (XSS) code in the admin panel. In or ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：139 | 回复：0
CVE-2021-42387

Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl() loop, a 16-bit unsigned user-supplied value ('offset') is ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：278 | 回复：0
CVE-2021-42388

Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl() loop, a 16-bit unsigned user-supplied value ('offset') is ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：139 | 回复：0
CVE-2021-42389

Divide-by-zero in Clickhouse's Delta compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：67 | 回复：0
CVE-2021-42390

Divide-by-zero in Clickhouse's DeltaDouble compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：64 | 回复：0
CVE-2021-42391

Divide-by-zero in Clickhouse's Gorilla compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：76 | 回复：0
CVE-2021-43304

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbi ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：69 | 回复：0
CVE-2021-43305

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbi ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：64 | 回复：0
CVE-2022-24740

Volto is a ReactJS-based frontend for the Plone Content Management System. Between versions 14.0.0-alpha.5 and 15.0.0-alpha.0, a user could have their authentication cookie replaced with an authentica ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：65 | 回复：0
CVE-2022-24762

sysend.js is a library that allows a user to send messages between pages that are open in the same browser. Users that use cross-origin communication may have their communications intercepted. Impact ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：56 | 回复：0
CVE-2022-0944

Template injection in connection test endpoint leads to RCE in GitHub repository sqlpad/sqlpad prior to 6.10.1.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：65 | 回复：0
CVE-2022-0945

Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc prior to v2.10.4.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:52 | 阅读：87 | 回复：0