CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-36949

In Veritas NetBackup OpsCenter, an attacker with local access to a NetBackup OpsCenter server could potentially escalate their privileges. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：735 | 回复：0
CVE-2022-36950

In Veritas NetBackup OpsCenter, an unauthenticated remote attacker may be able to perform remote command execution through a Java classloader manipulation. This affects 8.x through 8.3.0.2, 9.x throug ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：836 | 回复：0
CVE-2022-36951

In Veritas NetBackup OpsCenter, an unauthenticated remote attacker may compromise the host by exploiting an incorrectly patched vulnerability. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9. ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：735 | 回复：0
CVE-2022-36952

In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1 ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：1091 | 回复：0
CVE-2022-36953

In Veritas NetBackup OpsCenter, certain endpoints could allow an unauthenticated remote attacker to gain sensitive information. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1 ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：1130 | 回复：0
CVE-2022-36954

In Veritas NetBackup OpsCenter, under specific conditions, an authenticated remote attacker may be able to create or modify OpsCenter user accounts. This affects 8.x through 8.3.0.2, 9.x through 9.0.0 ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：847 | 回复：0
CVE-2022-36955

In Veritas NetBackup, an attacker with unprivileged local access to a NetBackup Client may send specific commands to escalate their privileges. This affects 8.0 through 8.1.2, 8.2, 8.3 through 8.3.0.2 ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：831 | 回复：0
CVE-2022-36956

In Veritas NetBackup, the NetBackup Client allows arbitrary command execution from any remote host that has access to a valid host-id NetBackup certificate/private key from the same domain. The affect ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：852 | 回复：0
CVE-2022-1853

Use after free in Indexed DB in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：1008 | 回复：0
CVE-2022-1854

Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：986 | 回复：0
CVE-2022-1855

Use after free in Messaging in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：792 | 回复：0
CVE-2022-1856

Use after free in User Education in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：808 | 回复：0
CVE-2022-1857

Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：866 | 回复：0
CVE-2022-1858

Out of bounds read in DevTools in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform an out of bounds memory read via specific user interaction.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：747 | 回复：0
CVE-2022-1859

Use after free in Performance Manager in Google Chrome prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corrupti ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：870 | 回复：0
CVE-2022-1860

Use after free in UI Foundations in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：812 | 回复：0
CVE-2022-1861

Use after free in Sharing in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corrupt ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：726 | 回复：0
CVE-2022-1862

Inappropriate implementation in Extensions in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass profile restrictions via a crafte ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：737 | 回复：0
CVE-2022-1863

Use after free in Tab Groups in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chro ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：721 | 回复：0
CVE-2022-1864

Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：697 | 回复：0
CVE-2022-1865

Use after free in Bookmarks in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrom ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：643 | 回复：0
CVE-2022-1866

Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap co ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：987 | 回复：0
CVE-2022-1867

Insufficient validation of untrusted input in Data Transfer in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass same origin policy via a crafted clipboard content.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：682 | 回复：0
CVE-2022-1868

Inappropriate implementation in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：666 | 回复：0
CVE-2022-1869

Type Confusion in V8 in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：819 | 回复：0
CVE-2022-1870

Use after free in App Service in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chr ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：896 | 回复：0
CVE-2022-1871

Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass file system policy via a ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：814 | 回复：0
CVE-2022-1872

Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a cra ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：1002 | 回复：0
CVE-2022-1873

Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：1042 | 回复：0
CVE-2022-1874

Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：955 | 回复：0
CVE-2022-1875

Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：1159 | 回复：0
CVE-2022-1876

Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：1581 | 回复：0
CVE-2021-46830

A path traversal vulnerability exists within GoAnywhere MFT before 6.8.3 that utilize self-registration for the GoAnywhere Web Client. This vulnerability could potentially allow an external user who s ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：1198 | 回复：0
CVE-2021-33371

A stored cross-site scripting (XSS) vulnerability in /nav_bar_action.php of Student Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：796 | 回复：0
CVE-2022-34009

Fossil 2.18 on Windows allows attackers to cause a denial of service (daemon crash) via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product d ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：777 | 回复：0
CVE-2022-34140

A stored cross-site scripting (XSS) vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the us ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：741 | 回复：0
CVE-2022-1919

Use after free in Codecs in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：688 | 回复：0
CVE-2022-2007

Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：682 | 回复：0
CVE-2022-2008

Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：659 | 回复：0
CVE-2022-2010

Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:20 | 阅读：957 | 回复：0