CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-44339

David Brackeen ok-file-formats 203defd is vulnerable to Buffer Overflow. When the function of the ok-file-formats project is used, a heap-buffer-overflow occurred in function ok_png_transform_scanline ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：62 | 回复：0
CVE-2021-44340

David Brackeen ok-file-formats dev version is vulnerable to Buffer Overflow. When the function of the ok-file-formats project is used, a heap-buffer-overflow occurred in function ok_jpg_generate_huffm ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：68 | 回复：0
CVE-2022-24711

CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. Prior to version 4.1.9, an improper input validation vulnerability allows attackers to execute CLI routes via HTTP reques ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：53 | 回复：0
CVE-2022-24712

CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A vulnerability in versions prior to 4.1.9 might allow remote attackers to bypass the CodeIgniter4 Cross-Site Request For ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：124 | 回复：0
CVE-2022-26155

An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. XSS can occur via a payload in the SAMLResponse parameter of the HTTP request body.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：68 | 回复：0
CVE-2022-26156

An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. Injection of a malicious payload within the RelayState= parameter of the HTTP request body results in the hi ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：96 | 回复：0
CVE-2022-26157

An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. The ASP.NET_Sessionid cookie is not protected by the Secure flag. This makes it prone to interception by an ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：84 | 回复：0
CVE-2022-26158

An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. It accepts and reflects arbitrary domains supplied via a client-controlled Host header. Injection of a malic ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：118 | 回复：0
CVE-2021-44331

ARM astcenc 3.2.0 is vulnerable to Buffer Overflow in function encode_ise().……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：82 | 回复：0
CVE-2021-44342

David Brackeen ok-file-formats 203defd is vulnerable to Buffer Overflow via function ok_png_transform_scanline() in /ok_png.c:494.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：85 | 回复：0
CVE-2020-22844

A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted SMB requests.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：76 | 回复：0
CVE-2020-22845

A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted FTP requests.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：71 | 回复：0
CVE-2022-25013

Ice Hrm 30.0.0.OS was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities via the key and fm parameters in the component login.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：69 | 回复：0
CVE-2022-25014

Ice Hrm 30.0.0.OS was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the m parameter in the Dashboard of the current user. This vulnerability allows attackers to compro ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：80 | 回复：0
CVE-2022-25015

A stored cross-site scripting (XSS) vulnerability in Ice Hrm 30.0.0.OS allows attackers to steal cookies via a crafted payload inserted into the First Name field.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：77 | 回复：0
CVE-2022-25023

Audio File commit 004065d was discovered to contain a heap-buffer overflow in the function fouBytesToInt():AudioFile.h.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：65 | 回复：0
CVE-2022-26181

Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligned_dealloc():src/lepton/bitops.cc:108.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：56 | 回复：0
CVE-2022-26315

qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified by the uploader.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：79 | 回复：0
CVE-2021-41111

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Prior to versions 3.4.5 and 3.3.15, an authenticated user with authorization to read webhooks in one p ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：76 | 回复：0
CVE-2021-41112

Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In versions prior to 3.4.5, authenticated users could craft a request to modify or delete System or Pr ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：72 | 回复：0
CVE-2021-45414

A Remote Code Execution (RCE) vulnerability exists in DataRobot through 2021-10-28 because it allows submission of a Docker environment or Java driver.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：74 | 回复：0
CVE-2021-27008

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：65 | 回复：0
CVE-2021-27009

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：64 | 回复：0
CVE-2021-27010

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：66 | 回复：0
CVE-2021-27011

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：63 | 回复：0
CVE-2021-27012

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：68 | 回复：0
CVE-2021-27013

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：65 | 回复：0
CVE-2021-27014

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：66 | 回复：0
CVE-2021-27015

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：56 | 回复：0
CVE-2021-27016

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：54 | 回复：0
CVE-2021-27000

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：63 | 回复：0
CVE-2021-36810

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：63 | 回复：0
CVE-2021-36811

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：87 | 回复：0
CVE-2021-36812

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：72 | 回复：0
CVE-2021-36813

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：76 | 回复：0
CVE-2021-36814

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：118 | 回复：0
CVE-2021-36815

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：123 | 回复：0
CVE-2021-36816

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：124 | 回复：0
CVE-2021-36817

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：114 | 回复：0
CVE-2021-36818

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：102 | 回复：0