• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

CVE漏洞

RSS
  • CVE-2021-46019
    CVE-2021-46019
    An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:16 | 回复:0
  • CVE-2021-46020
    CVE-2021-46020
    An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application crash.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:20 | 回复:0
  • CVE-2021-46021
    CVE-2021-46021
    An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:23 | 回复:0
  • CVE-2021-46022
    CVE-2021-46022
    An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:18 | 回复:0
  • CVE-2021-46195
    CVE-2021-46195
    GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:17 | 回复:0
  • CVE-2022-0130
    CVE-2022-0130
    Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:19 | 回复:0
  • CVE-2022-21137
    CVE-2022-21137
    Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific project files, which may allow an attacker to execute arbitrary code.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:22 | 回复:0
  • CVE-2022-22290
    CVE-2022-22290
    Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted HTML page.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:33 | 回复:0
  • CVE-2022-22529
    CVE-2022-22529
    SAP Enterprise Threat Detection (ETD) - version 2.0, does not sufficiently encode user-controlled inputs which may lead to an unauthorized attacker possibly exploit XSS vulnerability. The UIs in ETD a ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:25 | 回复:0
  • CVE-2022-22530
    CVE-2022-22530
    The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:16 | 回复:0
  • CVE-2022-22531
    CVE-2022-22531
    The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:28 | 回复:0
  • CVE-2021-46168
    CVE-2021-46168
    Spin v6.5.1 was discovered to contain an out-of-bounds write in lex() at spinlex.c.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:15 | 回复:0
  • CVE-2021-46169
    CVE-2021-46169
    Modex v2.11 was discovered to contain an Use-After-Free vulnerability via the component tcache.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:17 | 回复:0
  • CVE-2021-46170
    CVE-2021-46170
    An issue was discovered in JerryScript commit a6ab5e9. There is an Use-After-Free in lexer_compare_identifier_to_string in js-lexer.c file.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:14 | 回复:0
  • CVE-2021-46171
    CVE-2021-46171
    Modex v2.11 was discovered to contain a NULL pointer dereference in set_create_id() at xtract.c.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:17 | 回复:0
  • CVE-2021-24044
    CVE-2021-24044
    By passing invalid javascript code where await and yield were called upon non-async and non-generator getter/setter functions, Hermes would invoke generator functions and error out on invalid await/yi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:18 | 回复:0
  • CVE-2022-23094
    CVE-2022-23094
    Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:24 | 回复:0
  • CVE-2021-33963
    CVE-2021-33963
    China Mobile An Lianbao WF-1 v1.0.1 router web interface through /api/ZRMacClone/mac_addr_clone receives parameters by POST request, and the parameter macType has a command injection vulnerability. An ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:10 | 回复:0
  • CVE-2021-44049
    CVE-2021-44049
    CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local user to gain elevated privileges via a Trojan horse Procmon64.exe in the user's Temp directory.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:10 | 回复:0
  • CVE-2022-23095
    CVE-2022-23095
    Open Design Alliance Drawings SDK before 2022.12.1 mishandles the loading of JPG files. Unchecked input data from a crafted JPG file leads to memory corruption. An attacker can leverage this vulnerabi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:13 | 回复:0
  • CVE-2022-23178
    CVE-2022-23178
    An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are va ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:47 | 回复:0
  • CVE-2020-28919
    CVE-2020-28919
    A stored cross site scripting (XSS) vulnerability in Checkmk 1.6.0x prior to 1.6.0p19 allows an authenticated remote attacker to inject arbitrary JavaScript via a javascript: URL in a view title.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:10 | 回复:0
  • CVE-2021-32545
    CVE-2021-32545
    Pexip Infinity before 26 allows remote denial of service because of missing RTMP input validation.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:9 | 回复:0
  • CVE-2021-33498
    CVE-2021-33498
    Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 1 of 2).……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:9 | 回复:0
  • CVE-2021-33499
    CVE-2021-33499
    Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 2 of 2).……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:5 | 回复:0
  • CVE-2021-35969
    CVE-2021-35969
    Pexip Infinity before 26 allows temporary remote Denial of Service (abort) because of missing call-setup input validation.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:7 | 回复:0
  • CVE-2021-42555
    CVE-2021-42555
    Pexip Infinity before 26.2 allows temporary remote Denial of Service (abort) because of missing call-setup input validation.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:11 | 回复:0
  • CVE-2021-33827
    CVE-2021-33827
    The files_antivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:9 | 回复:0
  • CVE-2021-33828
    CVE-2021-33828
    The files_antivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files (that have been uploaded to a public share) are supposed to be deleted upon detecti ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:14 | 回复:0
  • CVE-2021-44537
    CVE-2021-44537
    ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:10 | 回复:0
  • CVE-2022-0238
    CVE-2022-0238
    phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF)……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:7 | 回复:0
  • CVE-2022-0235
    CVE-2022-0235
    node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:6 | 回复:0
  • CVE-2021-4170
    CVE-2021-4170
    calibre-web is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:12 | 回复:0
  • CVE-2022-23303
    CVE-2022-23303
    The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an inco ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:8 | 回复:0
  • CVE-2022-23304
    CVE-2022-23304
    The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:9 | 回复:0
  • CVE-2022-0239
    CVE-2022-0239
    corenlp is vulnerable to Improper Restriction of XML External Entity Reference……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:11 | 回复:0
  • CVE-2021-4171
    CVE-2021-4171
    calibre-web is vulnerable to Business Logic Errors……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:8 | 回复:0
  • CVE-2022-0131
    CVE-2022-0131
    Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data i ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:26 | 回复:0
  • CVE-2022-0180
    CVE-2022-0180
    Cross-site request forgery (CSRF) vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to hijack the authentication of administrators and conduct arbitrary operatio ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:16 | 回复:0
  • CVE-2022-0181
    CVE-2022-0181
    Reflected cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to inject an arbitrary script via unspecified vectors.……
    作者:菜鸟教程小白 | 时间:2022-2-5 13:03 | 阅读:5 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap