• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

CVE漏洞

RSS
  • CVE-2021-44584
    CVE-2021-44584
    Cross-site scripting (XSS) vulnerability in index.php in emlog version = pro-1.0.7 allows remote attackers to inject arbitrary web script or HTML via the s parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:20 | 回复:0
  • CVE-2021-44878
    CVE-2021-44878
    If an OpenID Connect provider supports the none algorithm (i.e., tokens with no signature), pac4j v5.3.0 (and prior) does not refuse it without an explicit configuration on its side or for the idtoken ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:22 | 回复:0
  • CVE-2021-45456
    CVE-2021-45456
    Apache kylin checks the legitimacy of the project before executing some commands with the project name passed in by the user. There is a mismatch between what is being checked and what is being used a ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:24 | 回复:0
  • CVE-2021-45457
    CVE-2021-45457
    In Apache Kylin, Cross-origin requests with credentials are allowed to be sent from any origin. This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and pri ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:17 | 回复:0
  • CVE-2021-45458
    CVE-2021-45458
    Apache Kylin provides encryption classes PasswordPlaceholderConfigurer to help users encrypt their passwords. In the encryption algorithm used by this encryption class, the cipher is initialized with ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:20 | 回复:0
  • CVE-2021-44590
    CVE-2021-44590
    In libming 0.4.8, a memory exhaustion vulnerability exist in the function cws2fws in util/main.c. Remote attackers could launch denial of service attacks by submitting a crafted SWF file that exploits ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:21 | 回复:0
  • CVE-2021-44591
    CVE-2021-44591
    In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check that would lead to denial-of-service attacks via a crafted SWF file.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:20 | 回复:0
  • CVE-2021-46076
    CVE-2021-46076
    Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:19 | 回复:0
  • CVE-2021-46080
    CVE-2021-46080
    A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:18 | 回复:0
  • CVE-2021-45744
    CVE-2021-45744
    A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in login panel.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:18 | 回复:0
  • CVE-2021-45745
    CVE-2021-45745
    A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in login panel.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:16 | 回复:0
  • CVE-2021-46067
    CVE-2021-46067
    In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:14 | 回复:0
  • CVE-2021-46068
    CVE-2021-46068
    A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:14 | 回复:0
  • CVE-2021-46069
    CVE-2021-46069
    A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:14 | 回复:0
  • CVE-2021-46070
    CVE-2021-46070
    A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:12 | 回复:0
  • CVE-2021-46071
    CVE-2021-46071
    A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:10 | 回复:0
  • CVE-2021-46072
    CVE-2021-46072
    A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:8 | 回复:0
  • CVE-2021-46073
    CVE-2021-46073
    A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:6 | 回复:0
  • CVE-2021-46074
    CVE-2021-46074
    A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:6 | 回复:0
  • CVE-2021-46075
    CVE-2021-46075
    A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:6 | 回复:0
  • CVE-2021-46078
    CVE-2021-46078
    An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerab ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:6 | 回复:0
  • CVE-2021-46079
    CVE-2021-46079
    An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:6 | 回复:0
  • CVE-2022-0128
    CVE-2022-0128
    vim is vulnerable to Out-of-bounds Read……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:7 | 回复:0
  • CVE-2021-28714
    CVE-2021-28714
    Guest can force Linux netback driver to hog large amounts of kernel memory T Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:10 | 回复:0
  • CVE-2021-28715
    CVE-2021-28715
    Guest can force Linux netback driver to hog large amounts of kernel memory T Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:10 | 回复:0
  • CVE-2021-43045
    CVE-2021-43045
    A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avr ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:9 | 回复:0
  • CVE-2021-4194
    CVE-2021-4194
    bookstack is vulnerable to Improper Access Control……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:10 | 回复:0
  • CVE-2021-46039
    CVE-2021-46039
    A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the shift_chunk_offsets.part function, which causes a Denial of Service (context-dependent).……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:11 | 回复:0
  • CVE-2021-46040
    CVE-2021-46040
    A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the finplace_shift_moov_meta_offsets function, which causes a Denial of Servie (context-dependent).……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:10 | 回复:0
  • CVE-2021-46041
    CVE-2021-46041
    A Segmentation Fault Vulnerability exists in GPAC 1.0.1 via the co64_box_new function, which causes a Denial of Service.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:12 | 回复:0
  • CVE-2021-46042
    CVE-2021-46042
    A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the _fseeko function, which causes a Denial of Service.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:11 | 回复:0
  • CVE-2021-42841
    CVE-2021-42841
    Insta HMS before 12.4.10 is vulnerable to XSS because of improper validation of user-supplied input by multiple scripts. A remote attacker could exploit this vulnerability via a crafted URL to execute ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:12 | 回复:0
  • CVE-2021-46043
    CVE-2021-46043
    A Pointer Dereference Vulnerability exits in GPAC 1.0.1 in the gf_list_count function, which causes a Denial of Service.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:12 | 回复:0
  • CVE-2021-46044
    CVE-2021-46044
    A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1via ShiftMetaOffset.isra, which causes a Denial of Service (context-dependent).……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:12 | 回复:0
  • CVE-2022-21661
    CVE-2022-21661
    WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is pos ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:12 | 回复:0
  • CVE-2022-21662
    CVE-2022-21662
    WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Low-privileged authenticated users (like author) in WordPress core are able to execute ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:15 | 回复:0
  • CVE-2022-21663
    CVE-2022-21663
    WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. On a multisite, users with Super Admin role can bypass explicit/additional hardening un ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:11 | 回复:0
  • CVE-2022-21664
    CVE-2022-21664
    WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there's potential for uni ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:13 | 回复:0
  • CVE-2021-25743
    CVE-2021-25743
    kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:11 | 回复:0
  • CVE-2021-38674
    CVE-2021-38674
    A cross-site scripting (XSS) vulnerability has been reported to affect QTS, QuTS hero and QuTScloud. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:12 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap