CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-41166

The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. An issue in versions prior to 3.17.1 may lead to sensitive information disclosure. An unauthorized a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：37 | 回复：0
CVE-2022-21722

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, th ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：40 | 回复：0
CVE-2022-21723

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, p ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：53 | 回复：0
CVE-2022-0370

Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：63 | 回复：0
CVE-2022-0387

Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：49 | 回复：0
CVE-2022-22828

An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：76 | 回复：0
CVE-2022-0372

Cross-site Scripting (XSS) - Stored in Packagist bytefury/crater prior to 6.0.2.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：63 | 回复：0
CVE-2021-44121

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：112 | 回复：0
CVE-2021-44792

Single Connect does not perform an authorization check when using the log-monitor module. A remote attacker could exploit this vulnerability to access the logging interface. The exploitation of this v ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：260 | 回复：0
CVE-2021-44793

Single Connect does not perform an authorization check when using the sc-reports-ui module. A remote attacker could exploit this vulnerability to access the device configuration page and export the da ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：125 | 回复：0
CVE-2021-44794

Single Connect does not perform an authorization check when using the sc-diagnostic-ui module. A remote attacker could exploit this vulnerability to access the device information page. The exploitatio ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：91 | 回复：0
CVE-2021-44795

Single Connect does not perform an authorization check when using the sc-assigned-credential-ui module. A remote attacker could exploit this vulnerability to modify users permissions. The exploitation ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：72 | 回复：0
CVE-2022-23181

The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：78 | 回复：0
CVE-2021-28096

An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). An attacker can saturate the proxy connection table. This would result in the proxy denying any new connections.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：56 | 回复：0
CVE-2022-0348

Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：42 | 回复：0
CVE-2021-46065

A Cross-site scripting (XSS) vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：73 | 回复：0
CVE-2021-46088

Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Execution (RCE). Any user with the Zabbix Admin role is able to run custom shell script on the application server in the context of t ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：32 | 回复：0
CVE-2021-46097

Dolphinphp v1.5.0 contains a remote code execution vulnerability in /application/common.php#action_log……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：30 | 回复：0
CVE-2021-46102

From version 0.2.14 to 0.2.16 for Solana rBPF, function relocate in the file src/elf.rs has an integer overflow bug because the sym.st_value is read directly from ELF file without checking. If the sym ...……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：25 | 回复：0
CVE-2021-46377

There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.php#viewUser……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：27 | 回复：0
CVE-2021-46427

An SQL Injection vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 via the message parameter in Master.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：24 | 回复：0
CVE-2021-46428

A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 ( and previous versions via the bot_avatar parameter in SystemSettings.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：23 | 回复：0
CVE-2021-46484

Jsish v3.5.0 was discovered to contain a heap-use-after-free via Jsi_IncrRefCount in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：21 | 回复：0
CVE-2021-46485

Jsish v3.5.0 was discovered to contain a SEGV vulnerability via Jsi_ValueIsNumber at src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：17 | 回复：0
CVE-2021-46486

Jsish v3.5.0 was discovered to contain a SEGV vulnerability via jsi_ArraySpliceCmd at src/jsiArray.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：17 | 回复：0
CVE-2021-46487

Jsish v3.5.0 was discovered to contain a SEGV vulnerability via /lib/x86_64-linux-gnu/libc.so.6+0x18e506. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：16 | 回复：0
CVE-2021-46488

Jsish v3.5.0 was discovered to contain a SEGV vulnerability via jsi_ArrayConcatCmd at src/jsiArray.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：18 | 回复：0
CVE-2021-46489

Jsish v3.5.0 was discovered to contain a heap-use-after-free via Jsi_DecrRefCount in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：17 | 回复：0
CVE-2021-46490

Jsish v3.5.0 was discovered to contain a SEGV vulnerability via NumberConstructor at src/jsiNumber.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：15 | 回复：0
CVE-2021-46491

Jsish v3.5.0 was discovered to contain a SEGV vulnerability via Jsi_CommandPkgOpts at src/jsiCmds.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：13 | 回复：0
CVE-2021-46492

Jsish v3.5.0 was discovered to contain a SEGV vulnerability via Jsi_FunctionInvoke at src/jsiFunc.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：10 | 回复：0
CVE-2021-46494

Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_ValueLookupBase in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：9 | 回复：0
CVE-2021-46495

Jsish v3.5.0 was discovered to contain a heap-use-after-free via DeleteTreeValue in src/jsiObj.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：9 | 回复：0
CVE-2021-46496

Jsish v3.5.0 was discovered to contain a heap-use-after-free via Jsi_ObjFree in src/jsiObj.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：9 | 回复：0
CVE-2021-46497

Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_UserObjDelete in src/jsiUserObj.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：9 | 回复：0
CVE-2021-46498

Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_wswebsocketObjFree in src/jsiWebSocket.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：9 | 回复：0
CVE-2021-46499

Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_ValueCopyMove in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：9 | 回复：0
CVE-2021-46500

Jsish v3.5.0 was discovered to contain a heap-use-after-free via jsi_ArgTypeCheck in src/jsiFunc.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：9 | 回复：0
CVE-2021-46501

Jsish v3.5.0 was discovered to contain a heap-use-after-free via SortSubCmd in src/jsiArray.c. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：9 | 回复：0
CVE-2021-46502

Jsish v3.5.0 was discovered to contain a heap-use-after-free via /usr/lib/x86_64-linux-gnu/libasan.so.4+0x5166d. This vulnerability can lead to a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-23 07:51 | 阅读：9 | 回复：0