Vulnerabilities

Subcategories:

  • CVE-2022-2039
    The Free Live Chat Support plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.0.11. This is due to missing nonce protection on the livesupporti_setting ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 712 | Replies: 0
  • CVE-2022-2001
    The DX Share Selection plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.4. This is due to missing nonce protection on the dxss_admin_page() function ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 631 | Replies: 0
  • CVE-2022-23745
    A potential memory corruption issue was found in Capsule Workspace Android app (running on GrapheneOS). This could result in application crashing but could not be used to gather any sensitive informat ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 1156 | Replies: 0
  • CVE-2022-22304
    An improper neutralization of input during web page generation vulnerability in FortiAuthenticator OWA Agent for Microsoft version 2.2 and 2.1 may allow an unauthenticated attacker to perform an XSS ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 553 | Replies: 0
  • CVE-2022-1912
    The Button Widget Smartsoft plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing nonce validation on the smartsoftbutton_set ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 1095 | Replies: 0
  • CVE-2022-1565
    The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wp_all_import_get_gz.php file in versions up to, and including, 3.6.7. This makes it possib ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 964 | Replies: 0
  • CVE-2021-44170
    A stack-based buffer overflow vulnerability in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or com ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 765 | Replies: 0
  • CVE-2021-42755
    An integer overflow / wraparound vulnerability in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 1171 | Replies: 0
  • CVE-2022-35741
    Apache CloudStack version 4.5.0 and later has a SAML 2.0 authentication Service Provider plugin which is found to be vulnerable to XML external entity (XXE) injection. This plugin is not enabled by de ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 1103 | Replies: 0
  • CVE-2022-34902
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 621 | Replies: 0
  • CVE-2022-34901
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 592 | Replies: 0
  • CVE-2022-34900
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.3 (39313) Agent. An attacker must first obtain the ability to execute low-privileged ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 598 | Replies: 0
  • CVE-2022-34899
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 1970 | Replies: 0
  • CVE-2022-34892
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privi ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 540 | Replies: 0
  • CVE-2022-34891
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privi ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 654 | Replies: 0
  • CVE-2022-34890
    This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 17.1.1 (51537). An attacker must first obtain the ability to execute low-priv ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 880 | Replies: 0
  • CVE-2022-34889
    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 17.1.1 (51537). An attacker must first obtain the ability to execute high-privileged cod ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 660 | Replies: 0
  • CVE-2022-2400
    External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0.……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 888 | Replies: 0
  • CVE-2022-23142
    ZXEN CG200 has a DoS vulnerability. An attacker could construct and send a large number of HTTP GET requests in a short time, which can make the product management websites not accessible.……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 561 | Replies: 0
  • CVE-2021-33656
    When setting font with malicious data by ioctl cmd PIO_FONT, kernel will write memory out of bounds.……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 624 | Replies: 0
  • CVE-2021-33655
    When sending malicious data to kernel by ioctl cmd FBIOPUT_VSCREENINFO, kernel will write memory out of bounds.……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 618 | Replies: 0
  • CVE-2022-35404
    ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 1567 | Replies: 0
  • CVE-2022-32450
    AnyDesk 7.0.9 allows a local user to gain SYSTEM privileges via a symbolic link because the user can write to their own %APPDATA% folder (used for ad.trace and chat) but the product runs as SYSTEM whe ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 806 | Replies: 0
  • CVE-2022-30627
    This vulnerability affects all of the company's products that also include the FW versions: update_i90_cv2.021_b20210104, update_i50_v1.0.55_b20200509, update_x6_v2.1.2_b202001127, update_b5_v2.0. ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 596 | Replies: 0
  • CVE-2022-30626
    Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the name of the existing access point on the component, and a password in clear text.……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 1113 | Replies: 0
  • CVE-2022-30625
    Directory listing is a web server function that displays the directory contents when there is no index file in a specific website directory. A directory listing provides an attacker with the complete ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 577 | Replies: 0
  • CVE-2022-30624
    Browsing the admin.html page allows the user to reset the admin password. Also appears in the JS code for the password.……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 661 | Replies: 0
  • CVE-2022-30623
    The server checks the user's cookie in a non-standard way, and a value is entered in the cookie value name of the status and its value is set to true to bypass the identification with the system u ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 639 | Replies: 0
  • CVE-2022-30621
    Allows a remote user to read files on the camera's OS GetFileContent.cgi. Reading arbitrary files on the camera's OS as root user.……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 1761 | Replies: 0
  • CVE-2022-30620
    On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: 1 to 0 privileges by changing the following cookie values from is_admin, showConfig. Administra ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 551 | Replies: 0
  • CVE-2022-24692
    An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. The new menu option within the general Parameters page is vulnerable to stored XSS. The attacker can create a menu option, make it visi ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 573 | Replies: 0
  • CVE-2022-24691
    An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A SQL Injection vulnerability allows authenticated users to taint database data and extract sensitive information via crafted HTTP requ ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 1176 | Replies: 0
  • CVE-2022-24690
    An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A PresAbs.php SQL Injection vulnerability allows unauthenticated users to taint database data and extract sensitive information via cra ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 814 | Replies: 0
  • CVE-2022-24689
    An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. It mishandles access control. This allows a remote attacker to access account information pages (including personal data) without being ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 574 | Replies: 0
  • CVE-2022-24688
    An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. The Touch settings allow unrestricted file upload (and consequently Remote Code Execution) via PDF upload with PHP content and a .php e ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 803 | Replies: 0
  • CVE-2022-36127
    A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 689 | Replies: 0
  • CVE-2016-15003
    A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of th ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 1049 | Replies: 0
  • CVE-2022-33891
    The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or mo ...……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 1408 | Replies: 0
  • CVE-2022-27434
    UNIT4 TETA Mobile Edition (ME) before 29.5.HF17 was discovered to contain a SQL injection vulnerability via the ProfileName parameter in the errorReporting page.……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 1309 | Replies: 0
  • CVE-2021-44954
    In QVIS NVR DVR before 2021-12-13, an attacker can escalate privileges from a qvisdvr user to the root user by abusing a Sudo misconfiguration.……
    Author: 菜鸟教程小白 | Date: 2022-7-29 17:16 | Views: 613 | Replies: 0
