• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号
登陆 注册
OStack程序员社区-中国程序员成长平台 门户 漏洞CVE漏洞

CVE漏洞

RSS
  • CVE-2021-33827
    CVE-2021-33827
    The files_antivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-33828
    CVE-2021-33828
    The files_antivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files (that have been uploaded to a public share) are supposed to be deleted upon detecti ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-44537
    CVE-2021-44537
    ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-0238
    CVE-2022-0238
    phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF)……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-0235
    CVE-2022-0235
    node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-4170
    CVE-2021-4170
    calibre-web is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-23303
    CVE-2022-23303
    The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an inco ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-23304
    CVE-2022-23304
    The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-0239
    CVE-2022-0239
    corenlp is vulnerable to Improper Restriction of XML External Entity Reference……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-4171
    CVE-2021-4171
    calibre-web is vulnerable to Business Logic Errors……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-0131
    CVE-2022-0131
    Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data i ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-0180
    CVE-2022-0180
    Cross-site request forgery (CSRF) vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to hijack the authentication of administrators and conduct arbitrary operatio ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-0181
    CVE-2022-0181
    Reflected cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to inject an arbitrary script via unspecified vectors.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-0182
    CVE-2022-0182
    Stored cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote authenticated attacker to inject an arbitrary script via an website that uses Quiz And Surve ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-0183
    CVE-2022-0183
    Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions allows an attacker who can physically access the d ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-0184
    CVE-2022-0184
    Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR5900P Ver.1.080 and earlier and 'TEPRA' PRO SR-R7900P Ver.1.030 and earlier allows an attacker on the adjacent netwo ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-3853
    CVE-2021-3853
    chaskiq is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-3857
    CVE-2021-3857
    chaskiq is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-24838
    CVE-2021-24838
    The AnyComment WordPress plugin before 0.3.5 has an API endpoint which passes user input via the redirect parameter to the wp_redirect() function without being validated first, leading to an Open Redi ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-24909
    CVE-2021-24909
    The ACF Photo Gallery Field WordPress plugin before 1.7.5 does not sanitise and escape the post parameter in the includes/acf_photo_gallery_metabox_edit.php file before outputing back in an attribute, ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-25005
    CVE-2021-25005
    The SEUR Oficial WordPress plugin before 1.7.0 does not sanitize and escape some of its settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html cap ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-25024
    CVE-2021-25024
    The EventCalendar WordPress plugin before 1.1.51 does not escape some user input before outputting it back in attributes, leading to Reflected Cross-SIte Scripting issues……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-25025
    CVE-2021-25025
    The EventCalendar WordPress plugin before 1.1.51 does not have proper authorisation and CSRF checks in the add_calendar_event AJAX actions, allowing users with a role as low as subscriber to create ev ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-25036
    CVE-2021-25036
    The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue, which was discovered during an internal audit by the Jetpack Scan team, and may grant bad actors access ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-25037
    CVE-2021-25037
    The All in One SEO WordPress plugin before 4.1.5.3 is affected by an authenticated SQL injection issue, which was discovered during an internal audit by the Jetpack Scan team, and could grant attacker ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-25046
    CVE-2021-25046
    The Modern Events Calendar Lite WordPress plugin before 6.2.0 alloed any logged-in user, even a subscriber user, may add a category whose parameters are incorrectly escaped in the admin panel, leading ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-25061
    CVE-2021-25061
    The WP Booking System WordPress plugin before 2.0.15 was affected by a reflected xss in wp-booking-system on the wpbs-calendars admin page.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-25065
    CVE-2021-25065
    The Smash Balloon Social Post Feed WordPress plugin before 4.1.1 was affected by a reflected XSS in custom-facebook-feed in cff-top admin page.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-25067
    CVE-2021-25067
    The Landing Page Builder WordPress plugin before 1.4.9.6 was affected by a reflected XSS in page-builder-add on the ulpb_post admin page.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-4164
    CVE-2021-4164
    calibre-web is vulnerable to Cross-Site Request Forgery (CSRF)……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-3862
    CVE-2021-3862
    icecoder is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-0240
    CVE-2022-0240
    mruby is vulnerable to NULL Pointer Dereference……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-0253
    CVE-2022-0253
    livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-0256
    CVE-2022-0256
    pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-0257
    CVE-2022-0257
    pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-0258
    CVE-2022-0258
    pimcore is vulnerable to Improper Neutralization of Special Elements used in an SQL Command……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-33040
    CVE-2021-33040
    managers/views/iframe.js in FuturePress EPub.js before 0.3.89 allows XSS.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-38965
    CVE-2021-38965
    IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 2123 ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2022-0242
    CVE-2022-0242
    Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0
  • CVE-2021-42357
    CVE-2021-42357
    When using Apache Knox SSO prior to 1.6.1, a request could be crafted to redirect a user to a malicious page due to improper URL parsing. A request that included a specially crafted request parameter ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:06 | 阅读:5 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap