CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-22716

Microsoft Excel Information Disclosure Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：15 | 回复：0
CVE-2022-22717

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21997, CVE-2022-21999, CVE-2022-22718.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：16 | 回复：0
CVE-2022-22718

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21997, CVE-2022-21999, CVE-2022-22717.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：16 | 回复：0
CVE-2022-23252

Microsoft Office Information Disclosure Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：15 | 回复：0
CVE-2022-23254

Microsoft Power BI Information Disclosure Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：16 | 回复：0
CVE-2022-23255

Microsoft OneDrive for Android Security Feature Bypass Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：11 | 回复：0
CVE-2022-23256

Azure Data Explorer Spoofing Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：10 | 回复：0
CVE-2022-23269

Microsoft Dynamics GP Spoofing Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：8 | 回复：0
CVE-2022-23271

Microsoft Dynamics GP Elevation Of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23272, CVE-2022-23273.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：9 | 回复：0
CVE-2022-23272

Microsoft Dynamics GP Elevation Of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23271, CVE-2022-23273.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：8 | 回复：0
CVE-2022-23273

Microsoft Dynamics GP Elevation Of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23271, CVE-2022-23272.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：8 | 回复：0
CVE-2022-23274

Microsoft Dynamics GP Remote Code Execution Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：9 | 回复：0
CVE-2022-23276

SQL Server for Linux Containers Elevation of Privilege Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：9 | 回复：0
CVE-2022-23280

Microsoft Outlook for Mac Security Feature Bypass Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：9 | 回复：0
CVE-2021-45330

An issue exsits in Gitea through 1.15.7, which could let a malicious user gain privileges due to client side cookies not being deleted and the session remains valid on the server side for reuse.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：9 | 回复：0
CVE-2021-45331

An Authentication Bypass vulnerability exists in Gitea before 1.5.0, which could let a malicious user gain privileges. If captured, the TOTP code for the 2FA can be submitted correctly more than once.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：9 | 回复：0
CVE-2021-36302

All Dell EMC Integrated System for Microsoft Azure Stack Hub versions contain a privilege escalation vulnerability. A remote malicious user with standard level JEA credentials may potentially exploit ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：9 | 回复：0
CVE-2021-41442

An HTTP smuggling attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：10 | 回复：0
CVE-2021-45286

Directory Traversal vulnerability exists in ZZCMS 2021 via the skin parameter in 1) index.php, 2) bottom.php, and 3) top_index.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：9 | 回复：0
CVE-2022-21660

Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the `setUser ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：9 | 回复：0
CVE-2022-22566

Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit t ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：9 | 回复：0
CVE-2022-22567

Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability i ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：8 | 回复：0
CVE-2022-23615

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with SCRIPT right can save a document with the right of the curre ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：9 | 回复：0
CVE-2022-23616

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible for an unprivileged user to perform a remote code execut ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：9 | 回复：0
CVE-2022-23617

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with edit right can copy the content of a page it does not have a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：8 | 回复：0
CVE-2022-23618

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions there is no protection against URL redirection to untrusted sites, in part ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：9 | 回复：0
CVE-2022-23619

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible to guess if a user has an account on the wiki by using t ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：8 | 回复：0
CVE-2022-23620

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions AbstractSxExportURLFactoryActionHandler#processSx does not escape anything ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：6 | 回复：0
CVE-2022-23621

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with SCRIPT right can read any file located in the XWiki WAR (for ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：6 | 回复：0
CVE-2022-23622

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions there is a cross site scripting (XSS) vector in the `registerinline.vm` te ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：6 | 回复：0
CVE-2022-23628

OPA is an open source, general-purpose policy engine. Under certain conditions, pretty-printing an abstract syntax tree (AST) that contains synthetic nodes could change the logic of some statements by ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：5 | 回复：0
CVE-2022-23631

superjson is a program to allow JavaScript expressions to be serialized to a superset of JSON. In versions prior to 1.8.1 superjson allows input to run arbitrary code on any server using superjson inp ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：5 | 回复：0
CVE-2021-0060

Insufficient compartmentalization in HECI subsystem for the Intel(R) SPS before versions SPS_E5_04.01.04.516.0, SPS_E5_04.04.04.033.0, SPS_E5_04.04.03.281.0, SPS_E5_03.01.03.116.0, SPS_E3_05.01.04.309 ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：5 | 回复：0
CVE-2021-0066

Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：5 | 回复：0
CVE-2021-0072

Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially en ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：5 | 回复：0
CVE-2021-0076

Improper Validation of Specified Index, Position, or Offset in Input in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 ma ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：5 | 回复：0
CVE-2021-0091

Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：5 | 回复：0
CVE-2021-0092

Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：5 | 回复：0
CVE-2021-0093

Incorrect default permissions in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：5 | 回复：0
CVE-2021-0099

Insufficient control flow management in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：5 | 回复：0