CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-0279

The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower the ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：10 | 回复：0
CVE-2022-0288

The Ad Inserter WordPress plugin before 2.7.10, Ad Inserter Pro WordPress plugin before 2.7.10 do not sanitise and escape the html_element_selection parameter before outputting it back in the page, le ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：10 | 回复：0
CVE-2022-0313

The Float menu WordPress plugin before 4.3.1 does not have CSRF check in place when deleting menu, which could allow attackers to make a logged in admin delete them via a CSRF attack……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：10 | 回复：0
CVE-2021-45008

** DISPUTED ** Plesk CMS 18.0.37 is affected by an insecure permissions vulnerability that allows privilege Escalation from user to admin rights. OTE: the vendor states that this is only a site-specif ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：9 | 回复：0
CVE-2022-24553

An issue was found in Zfaka = 1.4.5. The verification of the background file upload function check is not strict, resulting in remote command execution.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：11 | 回复：0
CVE-2022-0692

Open Redirect on Rudloff/alltube in Packagist rudloff/alltube prior to 3.0.1.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：11 | 回复：0
CVE-2021-44142

The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide ...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver. Samba versions p ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：10 | 回复：0
CVE-2021-26256

Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Survey Maker WordPress plugin (versions = 2.0.6).……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：11 | 回复：0
CVE-2021-27753

Sametime Android PathTraversal Vulnerability……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：12 | 回复：0
CVE-2021-27755

Sametime Android potential path traversal vulnerability when using File class……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：15 | 回复：0
CVE-2021-27796

A vulnerability in Brocade Fabric OS versions before Brocade Fabric OS v8.0.1b, v7.4.1d could allow an authenticated attacker within the restricted shell environment (rbash) as either the “user” or ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：17 | 回复：0
CVE-2021-27797

Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and all versions of Brocade Fabric OS v8.0.x and v7.x contain documented hard-coded credentials, which could allow attackers to gain access ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：18 | 回复：0
CVE-2021-44141

All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：24 | 回复：0
CVE-2021-44568

Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decisionmap variable via the resolve_dependencies function at src/solver.c (line 1940 line 1995), which ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：47 | 回复：0
CVE-2022-0564

A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate domain user accounts. An attacker could exploit this vulnerability by sending authentication requests to ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：46 | 回复：0
CVE-2022-0708

Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：32 | 回复：0
CVE-2022-22308

IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI) attack. User input could be passed into file include commands and the web application could be tricked into including remote fil ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：49 | 回复：0
CVE-2022-23983

Cross-Site Request Forgery (CSRF) vulnerability leading to plugin Settings Update discovered in WP Content Copy Protection No Right Click WordPress plugin (versions = 3.4.4).……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：40 | 回复：0
CVE-2022-23984

Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions = 7.3.11).……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：39 | 回复：0
CVE-2022-24295

Okta Advanced Server Access Client for Windows prior to version 1.57.0 was found to be vulnerable to command injection via a specially crafted URL.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：40 | 回复：0
CVE-2022-25599

Cross-Site Request Forgery (CSRF) vulnerability leading to event deletion was discovered in Spiffy Calendar WordPress plugin (versions = 4.9.0).……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：27 | 回复：0
CVE-2021-44569

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate is a duplicate of CVE-2021-3200. Notes: All CVE users should reference CVE-2021-3200 instead of this can ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：24 | 回复：0
CVE-2021-44570

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate is a duplicate of CVE-2021-3200. Notes: All CVE users should reference CVE-2021-3200 instead of this can ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：45 | 回复：0
CVE-2022-0563

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an INPUTRC environment variable to get a path to the library config file. When ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：42 | 回复：0
CVE-2021-44571

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate is a duplicate of CVE-2021-3200. Notes: All CVE users should reference CVE-2021-3200 instead of this can ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：48 | 回复：0
CVE-2021-44573

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate is a duplicate of CVE-2021-3200. Notes: All CVE users should reference CVE-2021-3200 instead of this can ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：61 | 回复：0
CVE-2021-44574

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate is a duplicate of CVE-2021-3200. Notes: All CVE users should reference CVE-2021-3200 instead of this can ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：50 | 回复：0
CVE-2021-44575

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate is a duplicate of CVE-2021-3200. Notes: All CVE users should reference CVE-2021-3200 instead of this can ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：27 | 回复：0
CVE-2021-44576

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate is a duplicate of CVE-2021-3200. Notes: All CVE users should reference CVE-2021-3200 instead of this can ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：29 | 回复：0
CVE-2021-44577

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate is a duplicate of CVE-2021-3200. Notes: All CVE users should reference CVE-2021-3200 instead of this can ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：29 | 回复：0
CVE-2022-0696

NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：25 | 回复：0
CVE-2021-4115

There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：18 | 回复：0
CVE-2022-24564

Checkmk =2.0.0p19 contains a Cross Site Scripting (XSS) vulnerability. While creating or editing a user attribute, the Help Text is subject to HTML injection, which can be triggered for editing a user ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：20 | 回复：0
CVE-2022-0676

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：16 | 回复：0
CVE-2022-0665

Path Traversal in GitHub repository pimcore/pimcore prior to 10.3.2.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：14 | 回复：0
CVE-2021-46162

A vulnerability has been identified in Simcenter Femap (All versions V2022.1.1). Affected application contains an out of bounds write past the end of an allocated structure while parsing specially cr ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：15 | 回复：0
CVE-2021-46699

A vulnerability has been identified in Simcenter Femap (All versions V2022.1.1). Affected application contains a stack based buffer overflow vulnerability while parsing specially crafted BDF files. T ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：15 | 回复：0
CVE-2022-0712

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：15 | 回复：0
CVE-2022-0713

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：15 | 回复：0
CVE-2022-0714

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：15 | 回复：0