• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

漏洞

RSS

下级分类:

  • CVE-2022-34520
    CVE-2022-34520
    Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service (DOS) v ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1167 | 回复:0
  • CVE-2022-34509
    CVE-2022-34509
    The wikifaces package in PyPI v1.0 included a code execution backdoor inserted by a third party.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:667 | 回复:0
  • CVE-2022-34503
    CVE-2022-34503
    QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:701 | 回复:0
  • CVE-2022-34502
    CVE-2022-34502
    Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows attackers to cause a Denial of Service (DoS) ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1069 | 回复:0
  • CVE-2022-34501
    CVE-2022-34501
    The bin-collection package in PyPI before v0.1 included a code execution backdoor inserted by a third party.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:757 | 回复:0
  • CVE-2022-34500
    CVE-2022-34500
    The bin-collect package in PyPI before v0.1 included a code execution backdoor inserted by a third party.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:595 | 回复:0
  • CVE-2022-34037
    CVE-2022-34037
    An out-of-bounds read in the rewrite function at /modules/caddyhttp/rewrite/rewrite.go in Caddy v2.5.1 allows attackers to cause a Denial of Service (DoS) via a crafted URI.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:544 | 回复:0
  • CVE-2022-2470
    CVE-2022-2470
    Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.21.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:542 | 回复:0
  • CVE-2022-2143
    CVE-2022-2143
    The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:895 | 回复:0
  • CVE-2022-2142
    CVE-2022-2142
    The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose information.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:919 | 回复:0
  • CVE-2022-2139
    CVE-2022-2139
    The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary code.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1012 | 回复:0
  • CVE-2022-2138
    CVE-2022-2138
    The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:671 | 回复:0
  • CVE-2022-2137
    CVE-2022-2137
    The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:745 | 回复:0
  • CVE-2022-2136
    CVE-2022-2136
    The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:665 | 回复:0
  • CVE-2022-2135
    CVE-2022-2135
    The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:575 | 回复:0
  • CVE-2022-1655
    CVE-2022-1655
    An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies bein ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:985 | 回复:0
  • CVE-2021-36200
    CVE-2021-36200
    Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate users.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:685 | 回复:0
  • CVE-2022-36131
    CVE-2022-36131
    The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:652 | 回复:0
  • CVE-2022-31168
    CVE-2022-31168
    Zulip is an open source team chat tool. Due to an incorrect authorization check in Zulip Server 5.4 and earlier, a member of an organization could craft an API call that grants organization administra ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:597 | 回复:0
  • CVE-2022-2209
    CVE-2022-2209
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent acciden ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:540 | 回复:0
  • CVE-2022-2327
    CVE-2022-2327
    io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing s ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:919 | 回复:0
  • CVE-2022-31172
    CVE-2022-31172
    OpenZeppelin Contracts is a library for smart contract development. Versions 4.1.0 until 4.7.1 are vulnerable to the SignatureChecker reverting. `SignatureChecker.isValidSignatureNow` is not expected ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:633 | 回复:0
  • CVE-2022-31170
    CVE-2022-31170
    OpenZeppelin Contracts is a library for smart contract development. Versions 4.0.0 until 4.7.1 are vulnerable to ERC165Checker reverting instead of returning `false`. `ERC165Checker.supportsInterface` ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:590 | 回复:0
  • CVE-2022-31169
    CVE-2022-31169
    Wasmtime is a standalone runtime for WebAssembly. There is a bug in Wasmtime's code generator, Cranelift, for AArch64 targets where constant divisors can result in incorrect division results at ru ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:707 | 回复:0
  • CVE-2022-31164
    CVE-2022-31164
    Tovy is a a staff management system for Roblox groups. A vulnerability in versions prior to 0.7.51 allows users to log in as other users, including privileged users such as the other of the instance. ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:572 | 回复:0
  • CVE-2022-31163
    CVE-2022-31163
    TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, as well as those prior to 1.2.10 when used with the Ru ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:915 | 回复:0
  • CVE-2022-31162
    CVE-2022-31162
    Slack Morphism is an async client library for Rust. Prior to 0.41.0, it was possible for Slack OAuth client information to leak in application debug logs. Stricter and more secure debug formatting was ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:709 | 回复:0
  • CVE-2022-2495
    CVE-2022-2495
    Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.21.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:827 | 回复:0
  • CVE-2022-2494
    CVE-2022-2494
    Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.0.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:849 | 回复:0
  • CVE-2022-2493
    CVE-2022-2493
    Data Access from Outside Expected Data Manager Component in GitHub repository openemr/openemr prior to 7.0.0.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1041 | 回复:0
  • CVE-2022-20916
    CVE-2022-20916
    A vulnerability in the web-based management interface of Cisco IoT Control Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the i ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:775 | 回复:0
  • CVE-2022-20913
    CVE-2022-20913
    A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to insufficient input validation in the ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:631 | 回复:0
  • CVE-2022-20912
    CVE-2022-20912
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:632 | 回复:0
  • CVE-2022-20911
    CVE-2022-20911
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1205 | 回复:0
  • CVE-2022-20910
    CVE-2022-20910
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:643 | 回复:0
  • CVE-2022-20909
    CVE-2022-20909
    Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validati ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:701 | 回复:0
  • CVE-2022-20908
    CVE-2022-20908
    Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validati ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:627 | 回复:0
  • CVE-2022-20907
    CVE-2022-20907
    Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validati ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:617 | 回复:0
  • CVE-2022-20906
    CVE-2022-20906
    Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validati ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:697 | 回复:0
  • CVE-2022-20904
    CVE-2022-20904
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:784 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap