CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2013-2235

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:59 | 阅读：61 | 回复：0
CVE-2013-2252

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:59 | 阅读：72 | 回复：0
CVE-2017-20116

A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic. Affected is an unknown function of the file /admin/group/list/. The manipulation of the argument checked_grou ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:58 | 阅读：76 | 回复：0
CVE-2017-20117

A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/group. The manipulation leads to ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:58 | 阅读：71 | 回复：0
CVE-2017-20118

A vulnerability was found in TrueConf Server 4.3.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/conferences/list/. The manipulation of the ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:58 | 阅读：79 | 回复：0
CVE-2017-20119

A vulnerability classified as problematic has been found in TrueConf Server 4.3.7. This affects an unknown part of the file /admin/general/change-lang. The manipulation of the argument redirect_url le ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:58 | 阅读：85 | 回复：0
CVE-2017-20120

A vulnerability classified as problematic was found in TrueConf Server 4.3.7. This vulnerability affects unknown code of the file /admin/service/stop/. The manipulation leads to cross-site request for ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:58 | 阅读：85 | 回复：0
CVE-2022-30192

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33638, CVE-2022-33639.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:58 | 阅读：82 | 回复：0
CVE-2022-33042

Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/inquiries/view_details.php.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:58 | 阅读：72 | 回复：0
CVE-2022-34043

Incorrect permissions for the folder C:\ProgramData\NoMachine\var\uninstall of Nomachine v7.9.2 allows attackers to perform a DLL hijacking attack and execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:57 | 阅读：66 | 回复：0
CVE-2020-26877

ApiFest OAuth 2.0 Server 0.3.1 does not validate the redirect URI in accordance with RFC 6749 and is susceptible to an open redirector attack. Specifically, it directly sends an authorization code to ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:57 | 阅读：69 | 回复：0
CVE-2022-32969

MetaMask before 10.11.3 might allow an attacker to access a user's secret recovery phrase because an input field is used for a BIP39 mnemonic, and Firefox and Chromium save such fields to disk in ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:57 | 阅读：81 | 回复：0
CVE-2021-39074

IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:57 | 阅读：94 | 回复：0
CVE-2022-2252

Open Redirect in GitHub repository microweber/microweber prior to 1.2.19.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:57 | 阅读：78 | 回复：0
CVE-2017-20113

A vulnerability, which was classified as problematic, was found in TrueConf Server 4.3.7. This affects an unknown part. The manipulation leads to basic cross site scripting (Stored). It is possible to ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:57 | 阅读：75 | 回复：0
CVE-2017-20114

A vulnerability has been found in TrueConf Server 4.3.7 and classified as problematic. This vulnerability affects unknown code of the file /admin/conferences/get-all-status/. The manipulation of the a ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:57 | 阅读：76 | 回复：0
CVE-2017-20115

A vulnerability was found in TrueConf Server 4.3.7 and classified as problematic. This issue affects some unknown processing of the file /admin/conferences/list/. The manipulation of the argument sort ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:57 | 阅读：74 | 回复：0
CVE-2021-40642

Textpattern CMS v4.8.7 and older vulnerability exists through Sensitive Cookie in HTTPS Session Without 'Secure' Attribute via textpattern/lib/txplib_misc.php. The secure flag is not set for t ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:56 | 阅读：78 | 回复：0
CVE-2022-33021

CVA6 commit 909d85a accesses invalid memory when reading the value of MHPMCOUNTER30.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:56 | 阅读：78 | 回复：0
CVE-2022-33023

CVA6 commit 909d85a gives incorrect permission to use special multiplication units when the format of instructions is wrong.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:56 | 阅读：78 | 回复：0
CVE-2022-33107

ThinkPHP v6.0.12 was discovered to contain a deserialization vulnerability via the component vendor\league\flysystem-cached-adapter\src\Storage\AbstractCache.php. This vulnerability allows attackers t ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:56 | 阅读：74 | 回复：0
CVE-2022-33035

XLPD v7.0.0094 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:56 | 阅读：81 | 回复：0
CVE-2022-33036

A binary hijack in Embarcadero Dev-CPP v6.3 allows attackers to execute arbitrary code via a crafted .exe file.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:56 | 阅读：85 | 回复：0
CVE-2022-33037

A binary hijack in Orwell-Dev-Cpp v5.11 allows attackers to execute arbitrary code via a crafted .exe file.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:56 | 阅读：81 | 回复：0
CVE-2022-31266

In ILIAS through 7.10, lack of verification when changing an email address (on the Profile Page) allows remote attackers to take over accounts.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:55 | 阅读：81 | 回复：0
CVE-2022-31897

SourceCodester Zoo Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via public_html/register_visitor?msg=.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:55 | 阅读：85 | 回复：0
CVE-2017-20108

A vulnerability classified as problematic has been found in Easy Table Plugin 1.6. This affects an unknown part of the file /wordpress/wp-admin/options-general.php. The manipulation with the input scr ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:55 | 阅读：79 | 回复：0
CVE-2017-20109

A vulnerability classified as problematic was found in Teleopti WFM up to 7.1.0. Affected by this vulnerability is an unknown functionality of the file /TeleoptiWFM/Administration/GetOneTenant of the ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:55 | 阅读：84 | 回复：0
CVE-2017-20110

A vulnerability, which was classified as problematic, has been found in Teleopti WFM up to 7.1.0. Affected by this issue is some unknown functionality of the component Administration. The manipulation ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:55 | 阅读：89 | 回复：0
CVE-2017-20111

A vulnerability, which was classified as critical, was found in Teleopti WFM 7.1.0. This affects an unknown part of the component Administration. The manipulation leads to improper privilege managemen ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:55 | 阅读：83 | 回复：0
CVE-2017-20112

A vulnerability has been found in IVPN Client 2.6.6120.33863 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument --up cmd leads to ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:55 | 阅读：74 | 回复：0
CVE-2022-31887

Marval MSM v14.19.0.12476 has a 0-Click Account Takeover vulnerability which allows an attacker to change any user's password in the organization, this means that the user can also escalate achiev ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:54 | 阅读：95 | 回复：0
CVE-2022-32532

Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with `.` in the regular expression are possibly ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:54 | 阅读：88 | 回复：0
CVE-2022-28803

In SilverStripe Framework through 2022-04-07, Stored XSS can occur in javascript link tags added via XMLHttpRequest (XHR).……

作者：菜鸟教程小白 | 时间：2022-7-7 08:54 | 阅读：90 | 回复：0
CVE-2022-29269

In Nagios XI through 5.8.5, in the schedule report function, an authenticated attacker is able to inject HTML tags that lead to the reformatting/editing of emails from an official email address.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:54 | 阅读：84 | 回复：0
CVE-2022-29270

In Nagios XI through 5.8.5, it is possible for a user without password verification to change his e-mail address.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:54 | 阅读：92 | 回复：0
CVE-2022-29271

In Nagios XI through 5.8.5, a read-only Nagios user (due to an incorrect permission check) is able to schedule downtime for any host/services. This allows an attacker to permanently disable all monito ...……

作者：菜鸟教程小白 | 时间：2022-7-7 08:54 | 阅读：90 | 回复：0
CVE-2022-29272

In Nagios XI through 5.8.5, an open redirect vulnerability exists in the login function that could lead to spoofing.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:54 | 阅读：80 | 回复：0
CVE-2022-31886

Marval MSM v14.19.0.12476 is vulnerable to Cross Site Request Forgery (CSRF). An attacker can disable the 2FA by sending the user a malicious form.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:53 | 阅读：94 | 回复：0
CVE-2020-19896

File inclusion vulnerability in Minicms v1.9 allows remote attackers to execute arbitary PHP code via post-edit.php.……

作者：菜鸟教程小白 | 时间：2022-7-7 08:53 | 阅读：105 | 回复：0