• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

CVE漏洞

RSS
  • CVE-2022-31201
    CVE-2022-31201
    SoftGuard Web (SGW) before 5.1.5 allows HTML injection.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:542 | 回复:0
  • CVE-2022-31202
    CVE-2022-31202
    The export function in SoftGuard Web (SGW) before 5.1.5 allows directory traversal to read an arbitrary local file via export or man.tcl.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:610 | 回复:0
  • CVE-2022-31208
    CVE-2022-31208
    An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by manipulating the cmd_string URL parameter.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:668 | 回复:0
  • CVE-2022-31209
    CVE-2022-31209
    An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The firmware contains a potential buffer overflow by calling strcpy() without checking the string length beforehand.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:582 | 回复:0
  • CVE-2022-31210
    CVE-2022-31210
    An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/set_param.cgi contains hardcoded credentials to the web application. Because these accounts cannot be d ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:624 | 回复:0
  • CVE-2022-31211
    CVE-2022-31211
    An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:700 | 回复:0
  • CVE-2022-31212
    CVE-2022-31212
    An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line i ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:585 | 回复:0
  • CVE-2022-31213
    CVE-2022-31213
    An issue was discovered in dbus-broker before 31. Multiple NULL pointer dereferences can be found when supplying a malformed XML config file.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:822 | 回复:0
  • CVE-2022-32985
    CVE-2022-32985
    libnx_apl.so on Nexans FTTO GigaSwitch before 6.02N and 7.x before 7.02 implements a Backdoor Account for SSH logins on port 50200 or 50201.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:659 | 回复:0
  • CVE-2022-33903
    CVE-2022-33903
    Tor 0.4.7.x before 0.4.7.8 allows a denial of service via the wedging of RTT estimation.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:562 | 回复:0
  • CVE-2020-16093
    CVE-2020-16093
    In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LD ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:519 | 回复:0
  • CVE-2020-23561
    CVE-2020-23561
    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000005722.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:499 | 回复:0
  • CVE-2020-23562
    CVE-2020-23562
    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000aefe.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:933 | 回复:0
  • CVE-2020-23563
    CVE-2020-23563
    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000002cba.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:560 | 回复:0
  • CVE-2021-40874
    CVE-2021-40874
    An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. When using the RESTServer plug-in to operate a REST password validation service (for another LemonLDAP::NG instance, for example) an ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:931 | 回复:0
  • CVE-2021-41419
    CVE-2021-41419
    QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:976 | 回复:0
  • CVE-2021-42923
    CVE-2021-42923
    ShowMyPC 3606 on Windows suffers from a DLL hijack vulnerability. If an attacker overwrites the file %temp%\ShowMyPC\-ShowMyPC3606\wodVPN.dll, it will run any malicious code contained in that file. Th ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:532 | 回复:0
  • CVE-2021-44954
    CVE-2021-44954
    In QVIS NVR DVR before 2021-12-13, an attacker can escalate privileges from a qvisdvr user to the root user by abusing a Sudo misconfiguration.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:582 | 回复:0
  • CVE-2022-27434
    CVE-2022-27434
    UNIT4 TETA Mobile Edition (ME) before 29.5.HF17 was discovered to contain a SQL injection vulnerability via the ProfileName parameter in the errorReporting page.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:1290 | 回复:0
  • CVE-2022-33891
    CVE-2022-33891
    The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or mo ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:1379 | 回复:0
  • CVE-2016-15003
    CVE-2016-15003
    A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of th ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:1015 | 回复:0
  • CVE-2022-36127
    CVE-2022-36127
    A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:666 | 回复:0
  • CVE-2022-24688
    CVE-2022-24688
    An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. The Touch settings allow unrestricted file upload (and consequently Remote Code Execution) via PDF upload with PHP content and a .php e ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:771 | 回复:0
  • CVE-2022-24689
    CVE-2022-24689
    An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. It mishandles access control. This allows a remote attacker to access account information pages (including personal data) without being ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:554 | 回复:0
  • CVE-2022-24690
    CVE-2022-24690
    An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A PresAbs.php SQL Injection vulnerability allows unauthenticated users to taint database data and extract sensitive information via cra ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:757 | 回复:0
  • CVE-2022-24691
    CVE-2022-24691
    An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A SQL Injection vulnerability allows authenticated users to taint database data and extract sensitive information via crafted HTTP requ ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:1105 | 回复:0
  • CVE-2022-24692
    CVE-2022-24692
    An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. The new menu option within the general Parameters page is vulnerable to stored XSS. The attacker can create a menu option, make it visi ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:548 | 回复:0
  • CVE-2022-30620
    CVE-2022-30620
    On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: 1 to 0 privileges by changing the following cookie values from is_admin, showConfig. Administra ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:521 | 回复:0
  • CVE-2022-30621
    CVE-2022-30621
    Allows a remote user to read files on the camera's OS GetFileContent.cgi. Reading arbitrary files on the camera's OS as root user.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:1700 | 回复:0
  • CVE-2022-30623
    CVE-2022-30623
    The server checks the user's cookie in a non-standard way, and a value is entered in the cookie value name of the status and its value is set to true to bypass the identification with the system u ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:613 | 回复:0
  • CVE-2022-30624
    CVE-2022-30624
    Browsing the admin.html page allows the user to reset the admin password. Also appears in the JS code for the password.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:636 | 回复:0
  • CVE-2022-30625
    CVE-2022-30625
    Directory listing is a web server function that displays the directory contents when there is no index file in a specific website directory. A directory listing provides an attacker with the complete ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:539 | 回复:0
  • CVE-2022-30626
    CVE-2022-30626
    Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the name of the existing access point on the component, and a password in clear text.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:1069 | 回复:0
  • CVE-2022-30627
    CVE-2022-30627
    This vulnerability affects all of the company's products that also include the FW versions: update_i90_cv2.021_b20210104, update_i50_v1.0.55_b20200509, update_x6_v2.1.2_b202001127, update_b5_v2.0. ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:566 | 回复:0
  • CVE-2022-32450
    CVE-2022-32450
    AnyDesk 7.0.9 allows a local user to gain SYSTEM privileges via a symbolic link because the user can write to their own %APPDATA% folder (used for ad.trace and chat) but the product runs as SYSTEM whe ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:743 | 回复:0
  • CVE-2022-35404
    CVE-2022-35404
    ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:1531 | 回复:0
  • CVE-2021-33655
    CVE-2021-33655
    When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:596 | 回复:0
  • CVE-2021-33656
    CVE-2021-33656
    When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:600 | 回复:0
  • CVE-2022-23142
    CVE-2022-23142
    ZXEN CG200 has a DoS vulnerability. An attacker could construct and send a large number of HTTP GET requests in a short time, which can make the product management websites not accessible.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:538 | 回复:0
  • CVE-2022-2400
    CVE-2022-2400
    External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:827 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap