CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-34993

This vulnerability allows remote attackers to bypass authentication on affected installations of Commvault CommCell 11.22.22. Authentication is not required to exploit this vulnerability. The specific ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：46 | 回复：0
CVE-2021-34994

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the ex ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：52 | 回复：0
CVE-2021-34995

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the ex ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：51 | 回复：0
CVE-2021-34996

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the ex ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：58 | 回复：0
CVE-2021-34997

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the ex ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：81 | 回复：0
CVE-2021-34998

This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Free Antivirus 20.2.0.0. An attacker must first obtain the ability to execute low-privilege ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：77 | 回复：0
CVE-2022-0178

snipe-it is vulnerable to Improper Access Control……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：58 | 回复：0
CVE-2021-45760

GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_list_last(). This vulnerability allows attackers to cause a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：67 | 回复：0
CVE-2021-38677

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：48 | 回复：0
CVE-2021-38678

An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows attackers to redirect users to an untrusted page that contains malware ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：30 | 回复：0
CVE-2021-38682

A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We hav ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：31 | 回复：0
CVE-2021-38689

A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We hav ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：31 | 回复：0
CVE-2021-38690

A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We hav ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：31 | 回复：0
CVE-2021-38691

A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We hav ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：28 | 回复：0
CVE-2021-38692

A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We hav ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：28 | 回复：0
CVE-2021-46255

eyouCMS V1.5.5-UTF8-SP3_1 suffers from Arbitrary file deletion due to insufficient filtering of the parameter filename.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：26 | 回复：0
CVE-2022-20635

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：35 | 回复：0
CVE-2022-20636

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：58 | 回复：0
CVE-2022-20637

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：37 | 回复：0
CVE-2022-20638

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：31 | 回复：0
CVE-2022-20639

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：29 | 回复：0
CVE-2022-20640

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：33 | 回复：0
CVE-2022-20641

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：35 | 回复：0
CVE-2022-20642

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：38 | 回复：0
CVE-2022-20643

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：34 | 回复：0
CVE-2022-20644

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：38 | 回复：0
CVE-2022-20645

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：42 | 回复：0
CVE-2022-20646

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：48 | 回复：0
CVE-2022-20647

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the i ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：60 | 回复：0
CVE-2022-20658

A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP) and Cisco Unified Contact Center Domain Manager (Unified CCDM) could allow an aut ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：54 | 回复：0
CVE-2022-20660

A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. T ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：90 | 回复：0
CVE-2022-22054

ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate filtering for special characters in URL parameters, which allows an unauthenticated local area network att ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：216 | 回复：0
CVE-2022-22055

The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：94 | 回复：0
CVE-2022-22056

The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator’s privilege a ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：67 | 回复：0
CVE-2022-20698

A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a de ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：54 | 回复：0
CVE-2022-23218

The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may r ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：42 | 回复：0
CVE-2022-23219

The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：37 | 回复：0
CVE-2022-23222

kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：34 | 回复：0
CVE-2021-42551

Cross-site Scripting (XSS) vulnerability in the search functionality of AlCoda NetBiblio WebOPAC allows an unauthenticated user to craft a reflected Cross-Site Scripting attack. This issue affects: Al ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：37 | 回复：0
CVE-2021-36781

A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows local attackers to imitate the service leading to DoS or clients talking to an imposter service. This iss ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：23 | 回复：0