CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2019-19156

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：658 | 回复：0
CVE-2019-19157

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：670 | 回复：0
CVE-2019-19158

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：637 | 回复：0
CVE-2019-19159

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：648 | 回复：0
CVE-2020-25585

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：612 | 回复：0
CVE-2020-25586

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：647 | 回复：0
CVE-2020-25587

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：619 | 回复：0
CVE-2020-25588

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：634 | 回复：0
CVE-2020-25589

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：690 | 回复：0
CVE-2020-25590

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：666 | 回复：0
CVE-2020-25591

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：661 | 回复：0
CVE-2020-27731

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：618 | 回复：0
CVE-2020-27732

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：666 | 回复：0
CVE-2021-29281

File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE-2017-11317.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：687 | 回复：0
CVE-2021-35283

SQL Injection vulnerability in product_admin.php in atoms183 CMS 1.0, allows attackers to execute arbitrary commands via the Name, Fname, and ID parameters to search.php.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：674 | 回复：0
CVE-2021-41042

In Eclipse Lyo versions 1.0.0 to 4.1.0, a TransformerFactory is initialized with the defaults that do not restrict DTD loading when working with RDF/XML. This allows an attacker to cause an external D ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：639 | 回复：0
CVE-2022-2047

In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly det ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：777 | 回复：0
CVE-2022-2048

In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：834 | 回复：0
CVE-2022-2191

In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：638 | 回复：0
CVE-2022-31029

AdminLTE is a Pi-hole Dashboard for stats and configuration. In affected versions inserting code like `scriptalert(XSS)/script` in the field marked with Domain to look for and hitting kbdenter/kbd (or ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：749 | 回复：0
CVE-2022-32481

Dell PowerProtect Cyber Recovery, versions prior to 19.11, contain a privilege escalation vulnerability on virtual appliance deployments. A lower-privileged authenticated user can chain docker command ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：646 | 回复：0
CVE-2022-33936

Cloud Mobility for Dell EMC Storage, 1.3.0.XXX contains a RCE vulnerability. A non-privileged user could potentially exploit this vulnerability, leading to achieving a root shell. This is a critical i ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：722 | 回复：0
CVE-2022-32060

An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：640 | 回复：0
CVE-2022-32061

An arbitrary file upload vulnerability in the Select User function under the People Menu component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:05 | 阅读：644 | 回复：0
CVE-2022-2264

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:04 | 阅读：728 | 回复：0
CVE-2022-33099

An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:04 | 阅读：526 | 回复：0
CVE-2022-33103

Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir().……

作者：菜鸟教程小白 | 时间：2022-7-8 08:04 | 阅读：768 | 回复：0
CVE-2022-2282

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent acciden ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:04 | 阅读：435 | 回复：0
CVE-2014-3648

The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. But this is user controlled. If a bogus applications is registered ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:04 | 阅读：738 | 回复：0
CVE-2014-3650

Multiple persistent cross-site scripting (XSS) flaws were found in the way Aerogear handled certain user-supplied content. A remote attacker could use these flaws to compromise the application with sp ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:04 | 阅读：784 | 回复：0
CVE-2022-2253

A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 may send OS commands to execute on the host server.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:04 | 阅读：624 | 回复：0
CVE-2022-1983

Incorrect authorization in GitLab EE affecting all versions from 10.7 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allowed an attacker already in possession of a valid Deploy Key ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:04 | 阅读：511 | 回复：0
CVE-2022-2185

A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 where it was possible for an unauthorised user ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:04 | 阅读：531 | 回复：0
CVE-2022-2227

Improper access control in the runner jobs API in GitLab CE/EE affecting all versions prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 allows a previous maintainer of a project with a ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:04 | 阅读：530 | 回复：0
CVE-2022-2230

A Stored Cross-Site Scripting vulnerability in the project settings page in GitLab CE/EE affecting all versions from 14.4 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows an at ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:04 | 阅读：543 | 回复：0
CVE-2022-2235

Insufficient sanitization in GitLab EE's external issue tracker affecting all versions from 14.5 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 allows an attacker to perform cros ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:04 | 阅读：861 | 回复：0
CVE-2022-2243

An access control vulnerability in GitLab EE/CE affecting all versions from 14.8 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows authenticated users to enumerate issues in non ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:04 | 阅读：855 | 回复：0
CVE-2022-2244

An improper authorization vulnerability in GitLab EE/CE affecting all versions from 14.8 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows project memebers with reporter role to ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:04 | 阅读：934 | 回复：0
CVE-2022-2250

An open redirect vulnerability in GitLab EE/CE affecting all versions from 11.1 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows an attacker to redirect users to an arbitrary l ...……

作者：菜鸟教程小白 | 时间：2022-7-8 08:04 | 阅读：888 | 回复：0
CVE-2022-2254

A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 can store a script that could impact other logged in users.……

作者：菜鸟教程小白 | 时间：2022-7-8 08:04 | 阅读：603 | 回复：0