• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

漏洞

RSS

下级分类:

  • CVE-2022-21429
    CVE-2022-21429
    Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Billing Care). Supported versions that are affected are 12.0.0.4.0-1 ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:1404 | 回复:0
  • CVE-2022-21428
    CVE-2022-21428
    Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:1189 | 回复:0
  • CVE-2022-31150
    CVE-2022-31150
    undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:726 | 回复:0
  • CVE-2022-31144
    CVE-2022-31144
    Redis is an in-memory database that persists on disk. A specially crafted `XAUTOCLAIM` command on a stream key in a specific state may result with heap overflow, and potentially remote code execution. ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:560 | 回复:0
  • CVE-2022-34540
    CVE-2022-34540
    Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/vca/license/license_tok.cgi. This vulnerability is exploitabl ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:575 | 回复:0
  • CVE-2022-34539
    CVE-2022-34539
    Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/curltest.cgi. This vulnerability is exploitable via a crafted ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:731 | 回复:0
  • CVE-2022-34538
    CVE-2022-34538
    Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/vca/bia/addacph.cgi. This vulnerability is exploitable via a ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:848 | 回复:0
  • CVE-2022-34537
    CVE-2022-34537
    Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a cross-site scripting (XSS) vulnerability via the component bia_oneshot.cgi.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:809 | 回复:0
  • CVE-2022-34536
    CVE-2022-34536
    Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows attackers to access the core log file and perform session hijacking via a crafted session token.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:792 | 回复:0
  • CVE-2022-34535
    CVE-2022-34535
    Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows unauthenticated attackers to view internal paths and scripts via web files.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:569 | 回复:0
  • CVE-2022-34534
    CVE-2022-34534
    Digital Watchdog DW Spectrum Server 4.2.0.32842 allows attackers to access sensitive infromation via a crafted API call.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:890 | 回复:0
  • CVE-2022-34266
    CVE-2022-34266
    The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application crash), a different vulnerability than CVE-2022-0562. When processing a ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:554 | 回复:0
  • CVE-2022-2476
    CVE-2022-2476
    A null pointer dereference bug was found in wavpack-5.4.0 The results from the ASAN log: AddressSanitizer:DEADLYSIGNAL ===================================================================84257==ERROR: ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:498 | 回复:0
  • CVE-2022-2122
    CVE-2022-2122
    DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:528 | 回复:0
  • CVE-2022-1925
    CVE-2022-1925
    DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:522 | 回复:0
  • CVE-2022-1924
    CVE-2022-1924
    DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:751 | 回复:0
  • CVE-2022-1923
    CVE-2022-1923
    DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwri ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:608 | 回复:0
  • CVE-2022-1922
    CVE-2022-1922
    DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data function which causes a segfault, or could cause a he ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:568 | 回复:0
  • CVE-2022-1921
    CVE-2022-1921
    Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:1051 | 回复:0
  • CVE-2022-1920
    CVE-2022-1920
    Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:564 | 回复:0
  • CVE-2022-36305
    CVE-2022-36305
    Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the body function at /web/api/v1/upload/UploadHandler.php.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:634 | 回复:0
  • CVE-2022-36304
    CVE-2022-36304
    Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the generate_response function at /web/api/v1/upload/UploadHandler.php.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:537 | 回复:0
  • CVE-2022-36303
    CVE-2022-36303
    Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the handle_file_upload function at /web/api/v1/upload/UploadHandler.php.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:532 | 回复:0
  • CVE-2022-34025
    CVE-2022-34025
    Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS) vulnerability via the post function at /web/api/v1/upload/UploadHandler.php.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:525 | 回复:0
  • CVE-2022-34169
    CVE-2022-34169
    The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:604 | 回复:0
  • CVE-2022-34024
    CVE-2022-34024
    Barangay Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the resident module editing function at /bmis/pages/resident/resident.php.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:586 | 回复:0
  • CVE-2022-30570
    CVE-2022-30570
    The Column Based Security component of TIBCO Software Inc.'s TIBCO Data Virtualization and TIBCO Data Virtualization for AWS Marketplace contains an easily exploitable vulnerability that allows a ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:1087 | 回复:0
  • CVE-2022-2394
    CVE-2022-2394
    Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting in them potentially being logged when run programmatically, such as via Puppet Enterprise.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:624 | 回复:0
  • CVE-2022-27373
    CVE-2022-27373
    Shanghai Feixun Data Communication Technology Co., Ltd router fir302b A2 was discovered to contain a remote command execution (RCE) vulnerability via the Ping function.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:617 | 回复:0
  • CVE-2022-34023
    CVE-2022-34023
    Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /officials/officials.php.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:783 | 回复:0
  • CVE-2022-34001
    CVE-2022-34001
    Unit4 ERP through 7.9 allows XXE via ExecuteServerProcessAsynchronously.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:590 | 回复:0
  • CVE-2022-22417
    CVE-2022-22417
    IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alt ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:549 | 回复:0
  • CVE-2022-22416
    CVE-2022-22416
    IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:646 | 回复:0
  • CVE-2022-22360
    CVE-2022-22360
    IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker coul ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:797 | 回复:0
  • CVE-2022-22359
    CVE-2022-22359
    IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmit ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:590 | 回复:0
  • CVE-2022-22358
    CVE-2022-22358
    IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vu ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:1303 | 回复:0
  • CVE-2022-35912
    CVE-2022-35912
    In grails-databinding in Grails before 3.3.15, 4.x before 4.1.1, 5.x before 5.1.9, and 5.2.x before 5.2.1 (at least when certain Java 8 configurations are used), data binding allows a remote attacker ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:698 | 回复:0
  • CVE-2022-2469
    CVE-2022-2469
    GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:588 | 回复:0
  • CVE-2022-27580
    CVE-2022-27580
    A deserialization vulnerability in a .NET framework class used and not properly checked by Safety Designer all versions up to and including 1.11.0 allows an attacker to craft malicious project files. ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:807 | 回复:0
  • CVE-2022-27579
    CVE-2022-27579
    A deserialization vulnerability in a .NET framework class used and not properly checked by Flexi Soft Designer in all versions up to and including 1.9.4 SP1 allows an attacker to craft malicious proje ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:803 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap