• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

CVE漏洞

RSS
  • CVE-2022-27864
    CVE-2022-27864
    A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit t ...……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:2014 | 回复:0
  • CVE-2022-27865
    CVE-2022-27865
    A maliciously crafted TGA or PCX file may be used to write beyond the allocated buffer through DesignReview.exe application while parsing TGA and PCX files. This vulnerability may be exploited to exec ...……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1278 | 回复:0
  • CVE-2022-27866
    CVE-2022-27866
    A maliciously crafted TIFF file when consumed through DesignReview.exe application can be forced to read beyond allocated boundaries when parsing the TIFF file. This vulnerability in conjunction with ...……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1331 | 回复:0
  • CVE-2022-2323
    CVE-2022-2323
    Improper neutralization of special elements used in a user input allows an authenticated malicious user to perform remote code execution in the host system. This vulnerability impacts SonicWall Switch ...……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1380 | 回复:0
  • CVE-2022-22280
    CVE-2022-22280
    Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and ...……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1390 | 回复:0
  • CVE-2022-2324
    CVE-2022-2324
    Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. This vulnerability impacts 10.0.17.7319 and ...……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1214 | 回复:0
  • CVE-2022-36447
    CVE-2022-36447
    An inflation issue was discovered in Chia Network CAT1 Standard 1.0.0. Previously minted tokens minted on the Chia blockchain using the CAT1 standard can be inflated to an arbitrary extent by any hold ...……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1391 | 回复:0
  • CVE-2022-34496
    CVE-2022-34496
    Hiby R3 PRO firmware v1.5 to v1.7 was discovered to contain a file upload vulnerability via the file upload feature.……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1364 | 回复:0
  • CVE-2022-34526
    CVE-2022-34526
    A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file.……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1330 | 回复:0
  • CVE-2022-34527
    CVE-2022-34527
    D-Link DSL-3782 v1.03 and below was discovered to contain a command injection vulnerability via the function byte_4C0160.……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1386 | 回复:0
  • CVE-2022-34528
    CVE-2022-34528
    D-Link DSL-3782 v1.03 and below was discovered to contain a stack overflow via the function getAttrValue.……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1467 | 回复:0
  • CVE-2022-34531
    CVE-2022-34531
    DedeCMS v5.7.95 was discovered to contain a remote code execution (RCE) vulnerability via the component mytag_ main.php.……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1590 | 回复:0
  • CVE-2021-27785
    CVE-2021-27785
    HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the websi ...……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1594 | 回复:0
  • CVE-2022-30083
    CVE-2022-30083
    EllieGrid Android Application version 3.4.1 is vulnerable to Code Injection. The application appears to evaluate user input as code (remote).……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1605 | 回复:0
  • CVE-2022-33158
    CVE-2022-33158
    Trend Micro VPN Proxy Pro version 5.2.1026 and below contains a vulnerability involving some overly permissive folders in a key directory which could allow a local attacker to obtain privilege escalat ...……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1445 | 回复:0
  • CVE-2022-35234
    CVE-2022-35234
    Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory l ...……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1474 | 回复:0
  • CVE-2022-36336
    CVE-2022-36336
    A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local attacker to escalate privileges on affected installations. T ...……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1345 | 回复:0
  • CVE-2022-33994
    CVE-2022-33994
    The Gutenberg plugin through 13.7.3 for WordPress allows stored XSS by the Contributor role via an SVG document to the Insert from URL feature. NOTE: the XSS payload does not execute in the context of ...……
    作者:菜鸟教程小白 | 时间:2022-8-12 22:21 | 阅读:1583 | 回复:0
  • CVE-2015-5598
    CVE-2015-5598
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.……
    作者:菜鸟教程小白 | 时间:2022-7-29 18:15 | 阅读:1127 | 回复:0
  • CVE-2022-36915
    CVE-2022-36915
    Jenkins Android Signing Plugin 2.2.5 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace o ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:1131 | 回复:0
  • CVE-2022-36916
    CVE-2022-36916
    A cross-site request forgery (CSRF) vulnerability in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers to request a manual backup.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:972 | 回复:0
  • CVE-2022-36917
    CVE-2022-36917
    A missing permission check in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers with Overall/Read permission to request a manual backup.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:922 | 回复:0
  • CVE-2022-36918
    CVE-2022-36918
    Jenkins Buckminster Plugin 1.1.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:889 | 回复:0
  • CVE-2022-36919
    CVE-2022-36919
    A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:846 | 回复:0
  • CVE-2022-36920
    CVE-2022-36920
    A cross-site request forgery (CSRF) vulnerability in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtain ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:941 | 回复:0
  • CVE-2022-36921
    CVE-2022-36921
    A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:1400 | 回复:0
  • CVE-2022-36922
    CVE-2022-36922
    Jenkins Lucene-Search Plugin 370.v62a5f618cd3a and earlier does not escape the search query parameter displayed on the 'search' result page, resulting in a reflected cross-site scripting (XSS) ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:907 | 回复:0
  • CVE-2022-33943
    CVE-2022-33943
    Authenticated (contributor or higher user role) Cross-Site Scripting (XSS) vulnerability in Nico Amarilla's BxSlider WP plugin = 2.0.0 at WordPress.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:1033 | 回复:0
  • CVE-2022-35669
    CVE-2022-35669
    Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 20.005.30334 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensi ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:1026 | 回复:0
  • CVE-2022-35672
    CVE-2022-35672
    Adobe Acrobat Reader version 22.001.20085 (and earlier), 20.005.30314 (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, whic ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:863 | 回复:0
  • CVE-2022-34120
    CVE-2022-34120
    Barangay Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the module editing function at /pages/activity/activity.php.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:1030 | 回复:0
  • CVE-2022-34121
    CVE-2022-34121
    Cuppa CMS v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the component /templates/default/html/windows/right.php.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:891 | 回复:0
  • CVE-2022-36946
    CVE-2022-36946
    nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one- ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:1344 | 回复:0
  • CVE-2020-6998
    CVE-2020-6998
    The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creati ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:1182 | 回复:0
  • CVE-2021-38410
    CVE-2021-38410
    AVEVA Software Platform Common Services (PCS) Portal versions 4.5.2, 4.5.1, 4.5.0, and 4.4.6 are vulnerable to DLL hijacking through an uncontrolled search path element, which may allow an attacker co ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:1658 | 回复:0
  • CVE-2021-38417
    CVE-2021-38417
    VISAM VBASE version 11.6.0.6 is vulnerable to improper access control via the web-remote endpoint, which may allow an unauthenticated user viewing access to folders and files in the directory listing.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:1142 | 回复:0
  • CVE-2021-42535
    CVE-2021-42535
    VISAM VBASE version 11.6.0.6 does not neutralize or incorrectly neutralizes user-controllable input before the data is placed in output used as a public-facing webpage.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:942 | 回复:0
  • CVE-2021-42537
    CVE-2021-42537
    VISAM VBASE version 11.6.0.6 processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorre ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:779 | 回复:0
  • CVE-2022-35911
    CVE-2022-35911
    On Patlite NH-FB series devices through 1.46, remote attackers can cause a denial of service by omitting the query string.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:953 | 回复:0
  • CVE-2022-36948
    CVE-2022-36948
    In Veritas NetBackup OpsCenter, a DOM XSS attack can occur. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:20 | 阅读:806 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap