CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2014-0156

Awesome spawn contains OS command injection vulnerability, which allows execution of additional commands passed to Awesome spawn as arguments. If untrusted input was included in command arguments, att ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:15 | 阅读：518 | 回复：0
CVE-2022-2257

Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:15 | 阅读：564 | 回复：0
CVE-2013-4464

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during CVE-2013-4464. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:14 | 阅读：494 | 回复：0
CVE-2013-4493

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2013. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:14 | 阅读：515 | 回复：0
CVE-2013-4506

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2013. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:14 | 阅读：499 | 回复：0
CVE-2013-4585

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2013. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:14 | 阅读：518 | 回复：0
CVE-2013-4586

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2013. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:14 | 阅读：531 | 回复：0
CVE-2013-5683

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2013. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:14 | 阅读：491 | 回复：0
CVE-2013-6390

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2013. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:14 | 阅读：557 | 回复：0
CVE-2021-41995

A misconfiguration of RSA in PingID Mac Login prior to 1.1 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:13 | 阅读：463 | 回复：0
CVE-2022-23717

PingID Windows Login prior to 2.8 is vulnerable to a denial of service condition on local machines when combined with using offline security keys as part of authentication.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:13 | 阅读：547 | 回复：0
CVE-2022-23718

PingID Windows Login prior to 2.8 uses known vulnerable components that can lead to remote code execution. An attacker capable of achieving a sophisticated man-in-the-middle position, or to compromise ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:13 | 阅读：549 | 回复：0
CVE-2022-23719

PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service used to capture security key requests. An attacker with the ability to execute code on the target machin ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:13 | 阅读：535 | 回复：0
CVE-2022-23720

PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file. An IT administrator could mistakenly deploy administrato ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:13 | 阅读：551 | 回复：0
CVE-2022-23725

PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:13 | 阅读：495 | 回复：0
CVE-2013-4323

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:13 | 阅读：526 | 回复：0
CVE-2013-4456

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2013. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:13 | 阅读：500 | 回复：0
CVE-2022-33312

Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:12 | 阅读：440 | 回复：0
CVE-2022-33313

Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:12 | 阅读：416 | 回复：0
CVE-2022-33314

Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:12 | 阅读：406 | 回复：0
CVE-2022-33325

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network packets can lead to arbitrary command execution. ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:12 | 阅读：456 | 回复：0
CVE-2022-33326

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network packets can lead to arbitrary command execution. ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:12 | 阅读：414 | 回复：0
CVE-2022-33327

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network packets can lead to arbitrary command execution. ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:12 | 阅读：473 | 回复：0
CVE-2022-33328

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network packets can lead to arbitrary command execution. ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:12 | 阅读：492 | 回复：0
CVE-2022-33329

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network packets can lead to arbitrary command execution. ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:12 | 阅读：453 | 回复：0
CVE-2022-34817

A cross-site request forgery (CSRF) vulnerability in Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier allows attackers to disable jobs.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:11 | 阅读：419 | 回复：0
CVE-2022-34818

Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints, allowing attackers with Overall/Read permission to disable jobs.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:11 | 阅读：393 | 回复：0
CVE-2013-4252

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:11 | 阅读：372 | 回复：0
CVE-2013-4561

In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:11 | 阅读：410 | 回复：0
CVE-2022-28127

A data removal vulnerability exists in the web_server /action/remove/ API functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary file deletion. An attacker ca ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:11 | 阅读：451 | 回复：0
CVE-2022-2197

By using a specific credential string, an attacker with network access to the device’s web interface could circumvent the authentication scheme and perform administrative operations.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:11 | 阅读：451 | 回复：0
CVE-2022-32585

A command execution vulnerability exists in the clish art2 functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a se ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:11 | 阅读：455 | 回复：0
CVE-2022-34809

Jenkins RQM Plugin 2.8 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file s ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:10 | 阅读：368 | 回复：0
CVE-2022-34810

A missing check in Jenkins RQM Plugin 2.8 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:10 | 阅读：376 | 回复：0
CVE-2022-34811

A missing permission check in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to access the XPath Configuration Viewer page.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:10 | 阅读：385 | 回复：0
CVE-2022-34812

A cross-site request forgery (CSRF) vulnerability in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers to create and delete XPath expressions.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:10 | 阅读：379 | 回复：0
CVE-2022-34813

A missing permission check in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to create and delete XPath expressions.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:10 | 阅读：401 | 回复：0
CVE-2022-34814

Jenkins Request Rename Or Delete Plugin 1.1.0 and earlier does not correctly perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to view an administrative c ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:10 | 阅读：390 | 回复：0
CVE-2022-34815

A cross-site request forgery (CSRF) vulnerability in Jenkins Request Rename Or Delete Plugin 1.1.0 and earlier allows attackers to accept pending requests, thereby renaming or deleting jobs.……

作者：菜鸟教程小白 | 时间：2022-7-7 09:10 | 阅读：433 | 回复：0
CVE-2022-34816

Jenkins HPE Network Virtualization Plugin 1.0 stores passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins contr ...……

作者：菜鸟教程小白 | 时间：2022-7-7 09:10 | 阅读：420 | 回复：0