CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-23013

On BIG-IP DNS GTM version 16.x before 16.1.0, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, a DOM-based cross-site scripting (XSS) vulnerability exists ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：23 | 回复：0
CVE-2022-23014

On versions 16.1.x before 16.1.2 and 15.1.x before 15.1.4.1, when BIG-IP APM portal access is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：20 | 回复：0
CVE-2022-23015

On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, and 14.1.2.6-14.1.4.4, when a Client SSL profile is configured on a virtual server with Client Certificate Authentication set to request/ ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：15 | 回复：0
CVE-2022-23016

On versions 16.1.x before 16.1.2 and 15.1.x before 15.1.4.1, when BIG-IP SSL Forward Proxy with TLS 1.3 is configured on a virtual server, undisclosed requests can cause the Traffic Management Microke ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：20 | 回复：0
CVE-2022-23017

On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and all versions of 13.1.x, when a virtual server is configured with a DNS profile with the Rapid Response Mode se ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：20 | 回复：0
CVE-2022-23018

On BIG-IP AFM version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and 13.1.x beginning in 13.1.3.4, when a virtual server is configured with both HTTP protocol security and H ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：16 | 回复：0
CVE-2022-23019

On BIG-IP version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x and 12.1.x, when a message routing type virtual server is configured with both Diamet ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：19 | 回复：0
CVE-2022-23020

On BIG-IP version 16.1.x before 16.1.2, when the 'Respond on Error' setting is enabled on the Request Logging profile and configured on a virtual server, undisclosed requests can cause the Tra ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：19 | 回复：0
CVE-2022-23021

On BIG-IP version 16.1.x before 16.1.2, when any of the following configurations are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminat ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：19 | 回复：0
CVE-2022-23022

On BIG-IP version 16.1.x before 16.1.2, when an HTTP profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software ver ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：22 | 回复：0
CVE-2022-23023

On BIG-IP version 16.1.x before 16.1.2.1, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12.1.x, and BIG-IQ all versions of 8.x and 7.x, undisclosed requests by an authen ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：23 | 回复：0
CVE-2022-23024

On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.2, and all versions of 13.1.x, when the IPsec application layer gateway (ALG) logging profile is configured on an ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：21 | 回复：0
CVE-2022-23025

On BIG-IP version 16.1.x before 16.1.1, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, and all versions of 13.1.x, when a SIP ALG profile is configured on a virtual server, undisclosed requests can cau ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：23 | 回复：0
CVE-2022-23026

On BIG-IP ASM Advanced WAF version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12.1.x, an authenticated user with low privileges, such as a gu ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：21 | 回复：0
CVE-2022-23027

On BIG-IP versions 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, 13.1.x beginning in 13.1.3.6, 12.1.5.3-12.1.6, and 11.6.5.2, when a FastL4 profile and an HTTP, FIX, and/or hash persistence profile ar ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：21 | 回复：0
CVE-2022-23028

On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x, when global AFM SYN cookie protection (TCP Half Open flood vector) is activated in t ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：20 | 回复：0
CVE-2022-23029

On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a FastL4 profile is configured on a virtual server, undisclos ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：17 | 回复：0
CVE-2022-23030

On version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and all versions of 13.1.x, when the BIG-IP Virtual Edition (VE) uses the ixlv driver (which is used in SR-IOV mode and ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：19 | 回复：0
CVE-2022-23031

On BIG-IP FPS, ASM, and Advanced WAF versions 16.1.x before 16.1.1, 15.1.x before 15.1.4, and 14.1.x before 14.1.4.4, an XML External Entity (XXE) vulnerability exists in an undisclosed page of the F5 ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：19 | 回复：0
CVE-2022-23032

In all versions before 7.2.1.4, when proxy settings are configured in the network access resource of a BIG-IP APM system, connecting BIG-IP Edge Client on Mac and Windows is vulnerable to a DNS rebind ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：18 | 回复：0
CVE-2021-43799

Zulip is an open-source team collaboration tool. Zulip Server installs RabbitMQ for internal message passing. In versions of Zulip Server prior to 4.9, the initial installation (until first reboot, or ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：19 | 回复：0
CVE-2022-23258

Microsoft Edge for Android Spoofing Vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：18 | 回复：0
CVE-2021-36289

Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensitive information disclosure vulnerability. A local malicious user may exploit this vulnerability to read sensitive information and ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：15 | 回复：0
CVE-2021-36294

Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authentication bypass vulnerability. A remote unauthenticated attacker may exploit this vulnerability by forging a cookie to login as ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：18 | 回复：0
CVE-2021-36295

Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. A remote malicious user with privileges may exploit this vulnerability to execute c ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：16 | 回复：0
CVE-2021-36296

Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. A remote malicious user with privileges may exploit this vulnerability to execute c ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：19 | 回复：0
CVE-2021-36346

Dell iDRAC 8 prior to version 2.82.82.82 contain a denial of service vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to deny access to the iDRAC webserve ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：22 | 回复：0
CVE-2021-36347

iDRAC9 versions prior to 5.00.20.00 and iDRAC8 versions prior to 2.82.82.82 contain a stack-based buffer overflow vulnerability. An authenticated remote attacker with high privileges could potentially ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：19 | 回复：0
CVE-2021-36348

iDRAC9 versions prior to 5.00.20.00 contain an input injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：19 | 回复：0
CVE-2022-23959

In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can o ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：25 | 回复：0
CVE-2021-46559

The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to defeat an inspection mechanism for integrity protection.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：26 | 回复：0
CVE-2021-46560

The firmware on Moxa TN-5900 devices through 3.1 allows command injection that could lead to device damage.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：29 | 回复：0
CVE-2022-0355

Exposure of Sensitive Information to an Unauthorized Actor in NPM simple-get prior to 4.0.1.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：30 | 回复：0
CVE-2019-25056

In Bromite through 78.0.3904.130, there are adblock rules in the release APK; therefore, probing which resources are blocked and which aren't can identify the application version and defeat the Us ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：43 | 回复：0
CVE-2022-23968

Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers to brick the device via a crafted TIFF file in an unauthenticated HTTP POST request. There is a perman ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：53 | 回复：0
CVE-2022-21944

A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local attackers to escalate to root. This issue affects ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：41 | 回复：0
CVE-2022-0374

Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：49 | 回复：0
CVE-2022-0375

Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：99 | 回复：0
CVE-2021-41766

Apache Karaf allows monitoring of applications and the Java runtime by using the Java Management Extensions (JMX). JMX is a Java RMI based technology that relies on Java serialized objects for client ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：69 | 回复：0
CVE-2022-0251

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.2.10.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：54 | 回复：0