CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-29072

** DISPUTED ** 7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the HelpContents area. This is caused by misconfigurati ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：68 | 回复：0
CVE-2022-29281

Notable before 1.9.0-beta.8 doesn't effectively prevent the opening of executable files when clicking on a link. There is improper validation of the file URI scheme. A hyperlink to an SMB share co ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：109 | 回复：0
CVE-2022-1365

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository lquixada/cross-fetch prior to 3.1.5.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：83 | 回复：0
CVE-2022-29020

ForestBlog through 2022-02-16 allows admin/profile/save userAvatar XSS during addition of a user avatar.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：168 | 回复：0
CVE-2022-29287

Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an attacker with user management rights (default is Administrator) to export the user options of any user, e ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：85 | 回复：0
CVE-2022-1380

Stored Cross Site Scripting vulnerability in Item name parameter in GitHub repository snipe/snipe-it prior to v5.4.3. The vulnerability is capable of stolen the user Cookie.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：69 | 回复：0
CVE-2022-26653

Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view domain details (such as the username and GUID of an administrator).……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：55 | 回复：0
CVE-2022-26777

Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view license details.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：41 | 回复：0
CVE-2022-28966

Wasm3 0.5.0 has a heap-based buffer overflow in NewCodePage in m3_code.c (called indirectly from Compile_BranchTable in m3_compile.c).……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：46 | 回复：0
CVE-2022-1381

global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible r ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：42 | 回复：0
CVE-2022-1382

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the availability of the system.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：39 | 回复：0
CVE-2022-1383

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.8. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：37 | 回复：0
CVE-2022-27908

Zoho ManageEngine OpManager before 125588 (and before 125603) is vulnerable to authenticated SQL Injection in the Inventory Reports module.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：37 | 回复：0
CVE-2022-28810

Zoho ManageEngine ADSelfService Plus before build 6122 allows a remote authenticated administrator to execute arbitrary operating OS commands as SYSTEM via the policy custom script feature. Due to the ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：39 | 回复：0
CVE-2022-26631

Automatic Question Paper Generator v1.0 contains a Time-Based Blind SQL injection vulnerability via the id GET parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：43 | 回复：0
CVE-2022-26665

An Insecure Direct Object Reference issue exists in the Tyler Odyssey Portal platform before 17.1.20. This may allow an external party to access sensitive case records.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：37 | 回复：0
CVE-2021-46122

Tp-Link TL-WR840N (EU) v6.20 Firmware (0.9.1 4.17 v0001.0 Build 201124 Rel.64328n) is vulnerable to Buffer Overflow via the Password reset feature.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：31 | 回复：0
CVE-2011-1762

A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. This may allow a user with 'Contributor-level' pr ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：27 | 回复：0
CVE-2011-4917

In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：37 | 回复：0
CVE-2020-13495

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access tha ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：28 | 回复：0
CVE-2020-13567

Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：30 | 回复：0
CVE-2020-13590

Multiple exploitable SQL injection vulnerabilities exist in the 'entities/fields' page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injecti ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：46 | 回复：0
CVE-2020-25163

A remote attacker with write access to PI ProcessBook files could inject code that is imported into OSIsoft PI Vision 2020 versions prior to 3.5.0. Unauthorized information disclosure, modification, o ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：37 | 回复：0
CVE-2020-25167

OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose information to a user with insufficient privileges for an AF attribute.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：36 | 回复：0
CVE-2020-28602

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confus ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：33 | 回复：0
CVE-2020-28603

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confus ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：31 | 回复：0
CVE-2020-28604

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confus ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：35 | 回复：0
CVE-2020-28605

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confus ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：31 | 回复：0
CVE-2020-28606

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confus ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：36 | 回复：0
CVE-2020-28607

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confus ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：36 | 回复：0
CVE-2020-28608

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confus ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：41 | 回复：0
CVE-2020-28609

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confus ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：67 | 回复：0
CVE-2020-28610

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confus ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：62 | 回复：0
CVE-2020-28611

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confus ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：82 | 回复：0
CVE-2020-28612

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confus ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：61 | 回复：0
CVE-2020-28613

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confus ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：78 | 回复：0
CVE-2020-28614

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confus ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：68 | 回复：0
CVE-2020-28615

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confus ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：94 | 回复：0
CVE-2020-28616

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confus ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：209 | 回复：0
CVE-2020-28617

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confus ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:15 | 阅读：103 | 回复：0