CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-31622

MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pthread_create returns a nonzero value) while executing the method create_work ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：6 | 回复：0
CVE-2022-31623

MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：6 | 回复：0
CVE-2022-31624

MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, w ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：6 | 回复：0
CVE-2022-29256

sharp is an application for Node.js image processing. Prior to version 0.30.5, there is a possible vulnerability in logic that is run only at `npm install` time when installing versions of `sharp` pri ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：6 | 回复：0
CVE-2022-31650

In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：6 | 回复：0
CVE-2022-31651

In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：6 | 回复：0
CVE-2021-42692

There is a stack-overflow vulnerability in tinytoml v0.4 that can cause a crash or DoS.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：6 | 回复：0
CVE-2021-42859

** DISPUTED ** A memory leak issue was discovered in Mini-XML v3.2 that could cause a denial of service. NOTE: testing reports are inconsistent, with some testers seeing the issue in both the 3.2 rele ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：6 | 回复：0
CVE-2021-42860

** DISPUTED ** A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxml_string_getc:2611. NOTE: i ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：6 | 回复：0
CVE-2021-40317

Piwigo 11.5.0 is affected by a SQL injection vulnerability via admin.php and the id parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：7 | 回复：0
CVE-2022-29720

74cmsSE v3.5.1 was discovered to contain an arbitrary file read vulnerability via the component \index\controller\Download.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：9 | 回复：0
CVE-2022-29721

74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：11 | 回复：0
CVE-2021-34360

A cross-site request forgery (CSRF) vulnerability has been reported to affect QNAP device running Proxy Server. If exploited, this vulnerability allows remote attackers to inject malicious code. We ha ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：13 | 回复：0
CVE-2021-4231

A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is poss ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：15 | 回复：0
CVE-2022-1664

Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source p ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：15 | 回复：0
CVE-2022-20809

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：17 | 回复：0
CVE-2022-20821

A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerabil ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：19 | 回复：0
CVE-2022-29660

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/pic/del.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：21 | 回复：0
CVE-2022-29661

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/save.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：18 | 回复：0
CVE-2022-29662

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/news/save.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：21 | 回复：0
CVE-2022-29663

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/hy.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：21 | 回复：0
CVE-2022-29664

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/pl_save.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：22 | 回复：0
CVE-2022-29665

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/topic/save.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：25 | 回复：0
CVE-2022-29666

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：28 | 回复：0
CVE-2022-29667

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via /admin.php/pic/admin/pic/hy. This vulnerability is exploited via restoring deleted photos.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：40 | 回复：0
CVE-2022-29669

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/lists/zhuan.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：35 | 回复：0
CVE-2022-29670

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/del.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：36 | 回复：0
CVE-2022-29676

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：47 | 回复：0
CVE-2022-29680

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/zu_del.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：53 | 回复：0
CVE-2022-29681

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Links/del.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：81 | 回复：0
CVE-2022-29682

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/vod/admin/topic/del.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：134 | 回复：0
CVE-2022-29683

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/page_del.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：78 | 回复：0
CVE-2022-29684

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/js_del.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：60 | 回复：0
CVE-2022-29685

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/User/level_sort.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：56 | 回复：0
CVE-2022-29686

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/lists/zhuan.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：44 | 回复：0
CVE-2022-29687

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/level_del.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：33 | 回复：0
CVE-2022-29688

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/hy.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：29 | 回复：0
CVE-2022-29689

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/del.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：22 | 回复：0
CVE-2022-1886

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：22 | 回复：0
CVE-2022-24414

Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use thes ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:38 | 阅读：18 | 回复：0