• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

CVE漏洞

RSS
  • CVE-2021-28711
    CVE-2021-28711
    Rogue backends can cause DoS of guests via high frequency events T Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as driver domains. Running PV backend ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:14 | 回复:0
  • CVE-2021-28712
    CVE-2021-28712
    Rogue backends can cause DoS of guests via high frequency events T Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as driver domains. Running PV backend ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:14 | 回复:0
  • CVE-2021-28713
    CVE-2021-28713
    Rogue backends can cause DoS of guests via high frequency events T Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as driver domains. Running PV backend ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:13 | 回复:0
  • CVE-2021-38918
    CVE-2021-38918
    IBM PowerVM Hypervisor FW860, FW940, FW950, and FW1010, through a specific sequence of VM management operations could lead to a violation of the isolation between peer VMs. IBM X-Force ID: 210019.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:13 | 回复:0
  • CVE-2021-43779
    CVE-2021-43779
    GLPI is an open source IT Asset Management, issue tracking system and service desk system. The GLPI addressing plugin in versions 2.9.1 suffers from authenticated Remote Code Execution vulnerability, ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:14 | 回复:0
  • CVE-2021-43816
    CVE-2021-43816
    containerd is an open source container runtime. On installations using SELinux, such as EL8 (CentOS, RHEL), Fedora, or SUSE MicroOS, with containerd since v1.5.0-beta.0 as the backing container runtim ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:13 | 回复:0
  • CVE-2022-21642
    CVE-2022-21642
    Discourse is an open source platform for community discussion. In affected versions when composing a message from topic the composer user suggestions reveals whisper participants. The issue has been p ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:13 | 回复:0
  • CVE-2021-45830
    CVE-2021-45830
    A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:14 | 回复:0
  • CVE-2021-45831
    CVE-2021-45831
    A Null Pointer Dereference vulnerability exitgs in GPAC 1.0.1 in MP4Box via __strlen_avx2, which causes a Denial of Service.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:16 | 回复:0
  • CVE-2022-21651
    CVE-2022-21651
    Shopware is an open source e-commerce software platform. An open redirect vulnerability has been discovered. Users may be arbitrary redirected due to incomplete URL handling in the shopware router. Th ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:17 | 回复:0
  • CVE-2022-21652
    CVE-2022-21652
    Shopware is an open source e-commerce software platform. In affected versions shopware would not invalidate a user session in the event of a password change. With version 5.7.7 the session validation ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:18 | 回复:0
  • CVE-2021-45832
    CVE-2021-45832
    A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent).……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:26 | 回复:0
  • CVE-2021-45833
    CVE-2021-45833
    A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent).……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:17 | 回复:0
  • CVE-2022-21653
    CVE-2022-21653
    Jawn is an open source JSON parser. Extenders of the `org.typelevel.jawn.SimpleFacade` and `org.typelevel.jawn.MutableFacade` who don't override `objectContext()` are vulnerable to a hash collisio ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:16 | 回复:0
  • CVE-2020-5956
    CVE-2020-5956
    An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, and 5.4 before 05.42.11. The software SMI handler allows untrusted ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:22 | 回复:0
  • CVE-2021-45969
    CVE-2021-45969
    An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exist ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:22 | 回复:0
  • CVE-2021-45970
    CVE-2021-45970
    An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:23 | 回复:0
  • CVE-2021-46038
    CVE-2021-46038
    A Pointer Dereference vulnerability exists in GPAC 1.0.1 in unlink_chunk.isra, which causes a Denial of Service (context-dependent).……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:24 | 回复:0
  • CVE-2020-23986
    CVE-2020-23986
    Github Read Me Stats commit 3c7220e4f7144f6cb068fd433c774f6db47ccb95 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the function renderError.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:23 | 回复:0
  • CVE-2020-27428
    CVE-2020-27428
    A DOM-based cross-site scripting (XSS) vulnerability in Scratch-Svg-Renderer v0.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted sb3 file.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:25 | 回复:0
  • CVE-2021-41842
    CVE-2021-41842
    An issue was discovered in AtaLegacySmm in the kernel 5.0 before 05.08.46, 5.1 before 05.16.46, 5.2 before 05.26.46, 5.3 before 05.35.46, 5.4 before 05.43.46, and 5.5 before 05.51.45 in Insyde InsydeH ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:27 | 回复:0
  • CVE-2021-45971
    CVE-2021-45971
    An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exi ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:43 | 回复:0
  • CVE-2021-43947
    CVE-2021-43947
    Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in the Email T ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:29 | 回复:0
  • CVE-2022-0121
    CVE-2022-0121
    hoppscotch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:33 | 回复:0
  • CVE-2021-46141
    CVE-2021-46141
    An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:56 | 回复:0
  • CVE-2021-46142
    CVE-2021-46142
    An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:107 | 回复:0
  • CVE-2021-46143
    CVE-2021-46143
    In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:68 | 回复:0
  • CVE-2021-46144
    CVE-2021-46144
    Roundcube before 1.4.13 and 1.5.x before 1.5.2 allows XSS via an HTML e-mail message with crafted Cascading Style Sheets (CSS) token sequences.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:65 | 回复:0
  • CVE-2022-0122
    CVE-2022-0122
    forge is vulnerable to URL Redirection to Untrusted Site……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:48 | 回复:0
  • CVE-2022-22704
    CVE-2022-22704
    The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would (in effect) determine part of the co ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:66 | 回复:0
  • CVE-2021-46145
    CVE-2021-46145
    The keyfob subsystem in Honda Civic 2012 vehicles allows a replay attack for unlocking. This is related to a non-expiring rolling code and counter resynchronization.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:55 | 回复:0
  • CVE-2022-22707
    CVE-2022-22707
    In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of s ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:60 | 回复:0
  • CVE-2021-36737
    CVE-2021-36737
    The input fields of the Apache Pluto UrlTestPortlet are vulnerable to Cross-Site Scripting (XSS) attacks. Users should migrate to version 3.1.1 of the v3-demo-portlet.war artifact……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:32 | 回复:0
  • CVE-2021-36738
    CVE-2021-36738
    The input fields in the JSP version of the Apache Pluto Applicant MVCBean CDI portlet are vulnerable to Cross-Site Scripting (XSS) attacks. Users should migrate to version 3.1.1 of the applicant-mvcbe ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:52 | 回复:0
  • CVE-2021-36739
    CVE-2021-36739
    The first name and last name fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting (XSS) attacks.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:35 | 回复:0
  • CVE-2021-44351
    CVE-2021-44351
    An arbitrary file read vulnerability exists in NavigateCMS 2.9 via /navigate/navigate_download.php id parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:39 | 回复:0
  • CVE-2021-44564
    CVE-2021-44564
    A security vulnerability originally reported in the SYNC2101 product, and applicable to specific sub-families of SYNC devices, allows an attacker to download the configuration file used in the device ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:34 | 回复:0
  • CVE-2021-27738
    CVE-2021-27738
    All request mappings in `StreamingCoordinatorController.java` handling `/kylin/api/streaming_coordinator/*` REST API endpoints did not include any security checks, which allowed an unauthenticated use ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:23 | 回复:0
  • CVE-2021-31522
    CVE-2021-31522
    Kylin can receive user input and load any class through Class.forName(...). This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and prior versions; Apache ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:41 | 回复:0
  • CVE-2021-36774
    CVE-2021-36774
    Apache Kylin allows users to read data from other database systems using JDBC. The MySQL JDBC driver supports certain properties, which, if left unmitigated, can allow an attacker to execute arbitrary ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:29 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap