• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

CVE漏洞

RSS
  • CVE-2022-1096
    CVE-2022-1096
    Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:765 | 回复:0
  • CVE-2022-1125
    CVE-2022-1125
    Use after free in Portals in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:667 | 回复:0
  • CVE-2022-1127
    CVE-2022-1127
    Use after free in QR Code Generator in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:638 | 回复:0
  • CVE-2022-1128
    CVE-2022-1128
    Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:693 | 回复:0
  • CVE-2022-1129
    CVE-2022-1129
    Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:640 | 回复:0
  • CVE-2022-1130
    CVE-2022-1130
    Insufficient validation of trust input in WebOTP in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to send arbitrary intents from any app via a malicious app.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1189 | 回复:0
  • CVE-2022-1131
    CVE-2022-1131
    Use after free in Cast UI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1051 | 回复:0
  • CVE-2022-1132
    CVE-2022-1132
    Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:769 | 回复:0
  • CVE-2022-1133
    CVE-2022-1133
    Use after free in WebRTC Perf in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1155 | 回复:0
  • CVE-2022-1134
    CVE-2022-1134
    Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:917 | 回复:0
  • CVE-2022-1135
    CVE-2022-1135
    Use after free in Shopping Cart in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via standard feature user interaction.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:671 | 回复:0
  • CVE-2022-1136
    CVE-2022-1136
    Use after free in Tab Strip in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific set of ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:703 | 回复:0
  • CVE-2022-1137
    CVE-2022-1137
    Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information v ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1896 | 回复:0
  • CVE-2022-1138
    CVE-2022-1138
    Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) v ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:765 | 回复:0
  • CVE-2022-1139
    CVE-2022-1139
    Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:723 | 回复:0
  • CVE-2022-1141
    CVE-2022-1141
    Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1543 | 回复:0
  • CVE-2022-1142
    CVE-2022-1142
    Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via s ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:986 | 回复:0
  • CVE-2022-1143
    CVE-2022-1143
    Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via s ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:682 | 回复:0
  • CVE-2022-1144
    CVE-2022-1144
    Use after free in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specifi ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:865 | 回复:0
  • CVE-2022-1145
    CVE-2022-1145
    Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:765 | 回复:0
  • CVE-2022-1146
    CVE-2022-1146
    Inappropriate implementation in Resource Timing in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1158 | 回复:0
  • CVE-2018-25045
    CVE-2018-25045
    Django REST framework (aka django-rest-framework) before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:755 | 回复:0
  • CVE-2022-36414
    CVE-2022-36414
    There is an elevation of privilege breakout vulnerability in the Windows EXE installer in Scooter Beyond Compare 4.2.0 through 4.4.2 before 4.4.3. Affected versions allow a logged-in user to run appli ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:982 | 回复:0
  • CVE-2022-36415
    CVE-2022-36415
    A DLL hijacking vulnerability exists in the uninstaller in Scooter Beyond Compare 1.8a through 4.4.2 before 4.4.3 when installed via the EXE installer. The uninstaller attempts to load DLLs out of a W ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:953 | 回复:0
  • CVE-2016-15004
    CVE-2016-15004
    A vulnerability was found in InfiniteWP Client Plugin 1.5.1.3/1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to injection. ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1269 | 回复:0
  • CVE-2022-24294
    CVE-2022-24294
    A regular expression used in Apache MXNet (incubating) is vulnerable to a potential denial-of-service by excessive resource consumption. The bug could be exploited when loading a model in Apache MXNet ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:756 | 回复:0
  • CVE-2021-46829
    CVE-2021-46829
    GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflo ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1211 | 回复:0
  • CVE-2017-20144
    CVE-2017-20144
    A vulnerability has been found in Anvsoft PDFMate PDF Converter Pro 1.7.5.0 and classified as critical. The manipulation leads to memory corruption. The attack can be launched remotely. The exploit ha ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:792 | 回复:0
  • CVE-2017-20145
    CVE-2017-20145
    A vulnerability was found in Tecrail Responsive Filemanger up to 9.10.x and classified as critical. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:944 | 回复:0
  • CVE-2022-36444
    CVE-2022-36444
    An issue was discovered in Atos Unify OpenScape SBC 9 and 10 before 10R2.2.1, Atos Unify OpenScape Branch 9 and 10 before version 10R2.1.1, and Atos Unify OpenScape BCF 10 before 10R9.12.1. A remote c ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1096 | 回复:0
  • CVE-2022-36446
    CVE-2022-36446
    software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:644 | 回复:0
  • CVE-2022-36450
    CVE-2022-36450
    Obsidian 0.14.x and 0.15.x before 0.15.5 allows obsidian://hook-get-address remote code execution because window.open is used without checking the URL.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:615 | 回复:0
  • CVE-2022-29709
    CVE-2022-29709
    CommuniLink Internet Limited CLink Office v2.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:550 | 回复:0
  • CVE-2022-0594
    CVE-2022-0594
    The Professional Social Sharing Buttons, Icons Related Posts WordPress plugin before 9.7.6 does not have proper authorisation check in one of the AJAX action, available to unauthenticated (in v 9.7. ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:593 | 回复:0
  • CVE-2022-0899
    CVE-2022-0899
    The Header Footer Code Manager WordPress plugin before 1.1.24 does not escape generated URLs before outputting them back in attributes in an admin page, leading to a Reflected Cross-Site Scripting.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1152 | 回复:0
  • CVE-2022-1539
    CVE-2022-1539
    The Exports and Reports WordPress plugin before 0.9.2 does not sanitize and validate data when generating the CSV to export, which could lead to a CSV injection, by the use of Microsoft Excel DDE func ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1051 | 回复:0
  • CVE-2022-1551
    CVE-2022-1551
    The SP Project Document Manager WordPress plugin through 4.57 uses an easily guessable path to store user files, bad actors could use that to access other users' sensitive files.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1060 | 回复:0
  • CVE-2022-2071
    CVE-2022-2071
    The Name Directory WordPress plugin before 1.25.4 does not have CSRF check when importing names, and is also lacking sanitisation as well as escaping in some of the imported data, which could allow at ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:862 | 回复:0
  • CVE-2022-2072
    CVE-2022-2072
    The Name Directory WordPress plugin before 1.25.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting. Furthermore, as the paylo ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:2526 | 回复:0
  • CVE-2022-2115
    CVE-2022-2115
    The Popup Anything WordPress plugin before 2.1.7 does not sanitise and escape a parameter before outputting it back in a frontend page, leading to a Reflected Cross-Site Scripting……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1079 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap