漏洞 - 第29页-OStack程序员社区-中国程序员成长平台

OStack程序员社区-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2022-27545

BigFix Web Reports authorized users may perform HTML injection for the email administrative configuration page.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:17 | 阅读：651 | 回复：0
CVE漏洞

CVE-2022-27544

BigFix Web Reports authorized users may see SMTP credentials in clear text.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:17 | 阅读：707 | 回复：0
CVE漏洞

CVE-2022-35405

Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus before 4303 with ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:17 | 阅读：1125 | 回复：0
CVE漏洞

CVE-2022-2193

Insecure Direct Object Reference vulnerability in HYPR Server before version 6.14.1 allows remote authenticated attackers to add a FIDO2 authenticator to arbitrary accounts via parameter tampering in ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:17 | 阅读：1226 | 回复：0
CVE漏洞

CVE-2022-2192

Forced Browsing vulnerability in HYPR Server version 6.10 to 6.15.1 allows remote attackers with a valid one-time recovery token to elevate privileges via path tampering in the Magic Link page. This i ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：1064 | 回复：0
CVE漏洞

CVE-2022-24082

If an on-premise installation of the Pega Platform is configured with the port for the JMX interface exposed to the Internet and port filtering is not properly configured, then it may be possible to u ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：915 | 回复：0
CVE漏洞

CVE-2022-1984

This issue affects: HYPR Windows WFA versions prior to 7.2; Unsafe Deserialization vulnerability in HYPR Workforce Access (WFA) before version 7.2 may allow local authenticated attackers to elevate pr ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：1307 | 回复：0
CVE漏洞

CVE-2021-32504

Unauthenticated users can access sensitive web URLs through GET request, which should be restricted to maintenance users only. A malicious attacker could use this sensitive information’s to launch fu ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：788 | 回复：0
CVE漏洞

CVE-2022-30302

Multiple relative path traversal vulnerabilities in FortiDeceptor management interface 1.0.0 through 3.2.x, 3.3.0 through 3.3.2, 4.0.0 through 4.0.1 may allow a remote and authenticated attacker to r ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：609 | 回复：0
CVE漏洞

CVE-2022-30301

A path traversal vulnerability in FortiAP-U CLI 6.2.0 through 6.2.3, 6.0.0 through 6.0.4, 5.4.0 through 5.4.6 may allow an admin user to delete and access unauthorized files and data via specifically ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：1029 | 回复：0
CVE漏洞

CVE-2022-2454

Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：1018 | 回复：0
CVE漏洞

CVE-2022-2453

Use After Free in GitHub repository gpac/gpac prior to 2.1-DEV.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：605 | 回复：0
CVE漏洞

CVE-2022-29060

A use of hard-coded cryptographic key vulnerability in FortiDDoS API 5.5.0 through 5.5.1, 5.4.0 through 5.4.2, 5.3.0 through 5.3.1, 5.2.0, 5.1.0 may allow an attacker who managed to retrieve the key ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：617 | 回复：0
CVE漏洞

CVE-2022-29057

A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiEDR version 5.1.0, 5.0.0 through 5.0.3 Patch 6 and 4.0.0 allows a remote authenticated a ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：698 | 回复：0
CVE漏洞

CVE-2022-27483

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiManager version 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.x and 6.0.x and Fort ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：953 | 回复：0
CVE漏洞

CVE-2022-26113

An execution with unnecessary privileges vulnerability in FortiClientWindows 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.0 through 6.2.9, 6.0.0 through 6.0.10 may allow a local attacker to perform ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：1221 | 回复：0
CVE漏洞

CVE-2022-2468

A vulnerability was found in SourceCodester Garage Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /editbrand.php. The manipulation of the argu ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：566 | 回复：0
CVE漏洞

CVE-2022-2467

A vulnerability has been found in SourceCodester Garage Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argume ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：1051 | 回复：0
CVE漏洞

CVE-2022-30532

In affected versions of Octopus Deploy, there is no logging of changes to artifacts within Octopus Deploy.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：1312 | 回复：0
CVE漏洞

CVE-2022-30526

A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firm ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：598 | 回复：0
CVE漏洞

CVE-2022-2030

A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 throug ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：1032 | 回复：0
CVE漏洞

CVE-2022-34643

RISCV ISA Sim commit ac466a21df442c59962589ba296c702631e041b5 implements the incorrect exception priotrity when accessing memory.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：686 | 回复：0
CVE漏洞

CVE-2022-34642

The component mcontrol.action in RISCV ISA Sim commit ac466a21df442c59962589ba296c702631e041b5 contains the incorrect mask which can cause a Denial of Service (DoS).……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：740 | 回复：0
CVE漏洞

CVE-2022-34641

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a and RISCV-Boom commit ad64c5419151e5e886daee7084d8399713b46b4b implements the incorrect exception type when a PMP violation occurs during address t ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：688 | 回复：0
CVE漏洞

CVE-2022-34640

The *tval of ecall/ebreak in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a was discovered to be incorrect.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：790 | 回复：0
CVE漏洞

CVE-2022-34639

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a treats non-standard fence instructions as illegal which can affect the function of the application.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：998 | 回复：0
CVE漏洞

CVE-2022-34637

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a implements an incorrect exception type when an illegal virtual address is loaded.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：836 | 回复：0
CVE漏洞

CVE-2022-34636

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a and RISCV-Boom commit ad64c5419151e5e886daee7084d8399713b46b4b implements the incorrect exception type when a PMA violation occurs during address t ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：660 | 回复：0
CVE漏洞

CVE-2022-34635

The mstatus.sd field in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a does not update when the mstatus.fs field is set to Dirty.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：587 | 回复：0
CVE漏洞

CVE-2022-34634

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted det instructions rather create an exception.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：696 | 回复：0
CVE漏洞

CVE-2022-34633

CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a executes crafted or incorrectly formatted sfence.vma instructions rather create an exception.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：641 | 回复：0
CVE漏洞

CVE-2022-34632

Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain insufficient cryptography via the component /rocket/RocketCore.scala.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：703 | 回复：0
CVE漏洞

CVE-2022-34035

HTMLDoc v1.9.12 and below was discovered to contain a heap overflow via e_node htmldoc/htmldoc/html.cxx:588.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：742 | 回复：0
CVE漏洞

CVE-2022-34033

HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_header) /htmldoc/htmldoc/html.cxx:273.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：732 | 回复：0
CVE漏洞

CVE-2022-34032

Nginx NJS v0.7.5 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：544 | 回复：0
CVE漏洞

CVE-2022-34031

Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_value_to_number at src/njs_value_conversion.h.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：567 | 回复：0
CVE漏洞

CVE-2022-34030

Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_djb_hash at src/njs_djb_hash.c.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：634 | 回复：0
CVE漏洞

CVE-2022-34029

Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：601 | 回复：0
CVE漏洞

CVE-2022-34028

Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：635 | 回复：0
CVE漏洞

CVE-2022-34027

Nginx NJS v0.7.4 was discovered to contain a segmentation violation via njs_value_property at njs_value.c.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:16 | 阅读：941 | 回复：0