CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-24679

A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-F ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：14 | 回复：0
CVE-2022-24680

A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-F ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：14 | 回复：0
CVE-2022-25329

Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：14 | 回复：0
CVE-2022-25330

Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：14 | 回复：0
CVE-2022-25331

Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：13 | 回复：0
CVE-2021-43943

Affected versions of Atlassian Jira Service Management Server and Data Center allow attackers with administrator privileges to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vuln ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：14 | 回复：0
CVE-2022-0695

Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：13 | 回复：0
CVE-2019-25058

An issue was discovered in USBGuard before 1.1.0. On systems with the usbguard-dbus daemon running, an unprivileged user could make USBGuard allow all USB devices to be connected in the future.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：16 | 回复：0
CVE-2020-27467

A Directory Traversal vulnerability exits in Processwire CMS before 2.7.1 via the download parameter to index.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：17 | 回复：0
CVE-2021-25636

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature i ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：17 | 回复：0
CVE-2021-3867

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：13 | 回复：0
CVE-2021-3868

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：13 | 回复：0
CVE-2021-3870

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：13 | 回复：0
CVE-2021-3871

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：12 | 回复：0
CVE-2021-3873

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：19 | 回复：0
CVE-2021-3876

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：12 | 回复：0
CVE-2021-3877

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：12 | 回复：0
CVE-2021-3880

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：17 | 回复：0
CVE-2021-3883

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：22 | 回复：0
CVE-2021-3884

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：20 | 回复：0
CVE-2021-3886

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：22 | 回复：0
CVE-2021-3887

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：22 | 回复：0
CVE-2021-3893

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：24 | 回复：0
CVE-2021-3937

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：28 | 回复：0
CVE-2021-3940

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：33 | 回复：0
CVE-2021-43724

A Cross Site Scripting (XSS) vulnerability exits in Subrion CMS through 4.2.1 in the Create Page functionality of the admin Account via a SGV file.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：32 | 回复：0
CVE-2021-44550

An Incorrect Access Control vulnerability exists in CoreNLP 4.3.2 via the classifier in NERServlet.java (lines 158 and 159).……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：35 | 回复：0
CVE-2021-44565

A Cross Site Scripting (XSS) vulnerability exists in RosarioSIS before 7.6.1 via the xss_clean function in classes/Security.php, which allows remote malicious users to inject arbitrary JavaScript or H ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：45 | 回复：0
CVE-2021-44566

A Cross Site Scripting (XSS) vulnerability exists in RosarioSIS before 4.3 via the SanitizeMarkDown function in ProgramFunctions/MarkDownHTML.fnc.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：49 | 回复：0
CVE-2021-44567

An unauthenticated SQL Injection vulnerability exists in RosarioSIS before 7.6.1 via the votes parameter in ProgramFunctions/PortalPollsNotes.fnc.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：61 | 回复：0
CVE-2021-44607

A Cross Site Scripting (XSS) vulnerability exists in FUEL-CMS 1.5.1 in the Assets page via an SVG file.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：99 | 回复：0
CVE-2021-44608

Multiple Cross Site Scripting (XSS) vulnerabilities exists in bloofoxCMS 0.5.2.1 - 0.5.1 via the (1) file parameter and (2) type parameter in an edit action in index.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：257 | 回复：0
CVE-2021-44610

Multiple SQL Injection vulnerabilities exist in bloofoxCMS 0.5.2.1 - 0.5.1 via the (1) URLs, (2) lang_id, (3) tmpl_id, (4) mod_rewrite (5) eta_doctype. (6) meta_charset, (7) default_group, and (8) pag ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：95 | 回复：0
CVE-2021-44967

A Remote Code Execution (RCE) vulnerabilty exists in LimeSurvey 5.2.4 via the upload and install plugins function, which could let a remote malicious user upload an arbitrary PHP code file.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：47 | 回复：0
CVE-2021-45746

A Directory Traversal vulnerability exists in WeBankPartners wecube-platform 3.2.1 via the file variable in PluginPackageController.java.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：50 | 回复：0
CVE-2021-4029

A command injection vulnerability in the CGI program of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary OS commands via a LAN interface.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：39 | 回复：0
CVE-2021-4030

A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they coerce or trick a local user to visit a co ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：37 | 回复：0
CVE-2022-21142

Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74, Ver.2.9.x series versions prior to Ver.2.9.39, Ver.2.10.x series versions prior to Ver.2.10.43, and Ver ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：40 | 回复：0
CVE-2022-21179

Cross-site request forgery (CSRF) vulnerability in EC-CUBE plugin 'Mail Magazine Management Plugin' ver4.0.0 to 4.1.1 (for EC-CUBE 4 series) and ver1.0.0 to 1.0.4 (for EC-CUBE 3 series) allows ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：39 | 回复：0
CVE-2022-23043

Zenario CMS 9.2 allows an authenticated admin user to bypass the file upload restriction by creating a new 'File/MIME Types' using the '.phar' extension. Then an attacker can upload a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：49 | 回复：0