CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-28481

CSV-Safe gem 3.0.0 doesn't filter out special characters which could trigger CSV Injection.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：77 | 回复：0
CVE-2022-21144

This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the ar ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：70 | 回复：0
CVE-2022-21149

The package s-cart/s-cart before 6.9; the package s-cart/core before 6.9 are vulnerable to Cross-site Scripting (XSS) which can lead to cookie stealing of any victim that visits the affected URL so th ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：52 | 回复：0
CVE-2022-21167

All versions of package masuit.tools.core are vulnerable to Arbitrary Code Execution via the ReceiveVarDataT function in the SocketClient.cs component. The socket client in the package can pass in the ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：55 | 回复：0
CVE-2022-21189

The package dexie before 3.2.2, from 4.0.0-alpha.1 and before 4.0.0-alpha.3 are vulnerable to Prototype Pollution in the Dexie.setByKeyPath(obj, keyPath, value) function which does not properly check ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：53 | 回复：0
CVE-2022-21227

The package sqlite3 before 5.0.3 are vulnerable to Denial of Service (DoS) which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：47 | 回复：0
CVE-2022-21230

This affects all versions of package org.nanohttpd:nanohttpd. Whenever an HTTP Session is parsing the body of an HTTP request, the body of the request is written to a RandomAccessFile when the it is l ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：43 | 回复：0
CVE-2022-22143

The package convict before 6.2.2 are vulnerable to Prototype Pollution via the convict function due to missing validation of parentKey. **Note:** This vulnerability derives from an incomplete fix of a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：45 | 回复：0
CVE-2022-23923

All versions of package jailed are vulnerable to Sandbox Bypass via an exported alert() method which can access the main application. Exported methods are stored in the application.remote object.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：39 | 回复：0
CVE-2022-24437

The package git-pull-or-clone before 2.0.2 are vulnerable to Command Injection due to the use of the --upload-pack feature of git which is also supported for git clone. The source includes the use of ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：49 | 回复：0
CVE-2022-25349

All versions of package materialize-css are vulnerable to Cross-site Scripting (XSS) due to improper escape of user input (such as lt;not-a-tag /gt;) that is being parsed as HTML/JavaScript, and inser ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：55 | 回复：0
CVE-2022-25645

All versions of package dset are vulnerable to Prototype Pollution via 'dset/merge' mode, as the dset function checks for prototype pollution by validating if the top-level path contains __pro ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：69 | 回复：0
CVE-2022-25647

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：52 | 回复：0
CVE-2022-25767

All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of loca ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：48 | 回复：0
CVE-2022-25842

All versions of package com.alibaba.oneagent:one-java-agent-plugin are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) using a specially crafted archive that holds directory trave ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：47 | 回复：0
CVE-2022-25850

The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery (SSRF) when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backe ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：33 | 回复：0
CVE-2022-26068

This affects the package pistacheio/pistache before 0.0.3.20220425. It is possible to traverse directories to fetch arbitrary files from the server.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：39 | 回复：0
CVE-2022-25301

All versions of package jsgui-lang-essentials are vulnerable to Prototype Pollution due to allowing all Object attributes to be altered, including their magical attributes such as proto, constructor a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：42 | 回复：0
CVE-2021-31673

A Dom-based Cross-site scripting (XSS) vulnerability at registration account in Cyclos 4 PRO.14.7 and before allows remote attackers to inject arbitrary web script or HTML via the groupId parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：39 | 回复：0
CVE-2021-31674

Cyclos 4 PRO 4.14.7 and before does not validate user input at error inform, which allows remote unauthenticated attacker to execute javascript code via undefine enum constant.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：36 | 回复：0
CVE-2021-40822

GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows SSRF via the option for setting a proxy host.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：37 | 回复：0
CVE-2022-28451

nopCommerce 4.50.1 is vulnerable to Directory Traversal via the backup file in the Maintenance feature.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：30 | 回复：0
CVE-2022-29849

In Progress OpenEdge before 11.7.14 and 12.x before 12.2.9, certain SUID binaries within the OpenEdge application were susceptible to privilege escalation. If exploited, a local attacker could elevate ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：26 | 回复：0
CVE-2022-29968

An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb-private.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：28 | 回复：0
CVE-2022-29969

The RSS extension before 2022-04-29 for MediaWiki allows XSS via an rss element (if the feed is in $wgRSSUrlWhitelist and $wgRSSAllowLinkTag is true).……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：29 | 回复：0
CVE-2022-29970

Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：24 | 回复：0
CVE-2021-36778

A Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE Rancher allows administrators of third-party repositories to gather credentials that are sent to their servers. This ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：25 | 回复：0
CVE-2021-36784

A Improper Privilege Management vulnerability in SUSE Rancher allows users with the restricted-admin role to escalate to full admin. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：27 | 回复：0
CVE-2021-46790

ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the upstream position is that ntfsck is deprecated; however, it is shipped by some Linux distributi ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：26 | 回复：0
CVE-2021-4200

A Improper Privilege Management vulnerability in SUSE Rancher allows write access to the Catalog for any user when restricted-admin role is enabled. This issue affects: SUSE Rancher Rancher versions p ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：24 | 回复：0
CVE-2022-1300

Multiple Version of TRUMPF TruTops products expose a service function without necessary authentication. Execution of this function may result in unauthorized access to change of data or disruption of ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：26 | 回复：0
CVE-2022-23904

Rainworx Auctionworx 3.1R2 is vulnerable to a Cross-Site Request Forgery (CSRF) attack that allows an authenticated user to upgrade his account to admin and gain access to the auctionworx admin contr ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：19 | 回复：0
CVE-2022-29973

relan exFAT 1.3.0 allows local users to obtain sensitive information (data from deleted files in the filesystem) in certain situations involving offsets beyond ValidDataLength.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：25 | 回复：0
CVE-2022-23064

In Snipe-IT, versions v3.0-alpha to v5.3.7 are vulnerable to Host Header Injection. By sending a specially crafted host header in the reset password request, it is possible to send password reset link ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：25 | 回复：0
CVE-2022-23065

In Vendure versions 0.1.0-alpha.2 to 1.5.1 are affected by Stored XSS vulnerability, where an attacker having catalog permission can upload a SVG file that contains malicious JavaScript into the “Ass ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：29 | 回复：0
CVE-2022-28571

D-link 882 DIR882A1_FW130B06 was discovered to contain a command injection vulnerability in`/usr/bin/cli.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：25 | 回复：0
CVE-2022-28572

Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in `SetIPv6Status` function……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：25 | 回复：0
CVE-2022-27466

MCMS v5.2.27 was discovered to contain a SQL injection vulnerability in the orderBy parameter at /dict/list.do.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：26 | 回复：0
CVE-2022-27982

RG-NBR-E Enterprise Gateway RG-NBR2100G-E was discovered to contain a remote code execution (RCE) vulnerability via the fileName parameter at /guest_auth/cfg/upLoadCfg.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：24 | 回复：0
CVE-2022-27983

RG-NBR-E Enterprise Gateway RG-NBR2100G-E was discovered to contain an arbitrary file read vulnerability via the url parameter in check.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:32 | 阅读：22 | 回复：0