漏洞 - 第878页-OStack程序员社区-中国程序员成长平台

OStack程序员社区-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-25145

A remote unauthorized disclosure of information vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Ins ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-28672

Xerox Phaser 6510 before 64.65.51 and 64.59.11 (Bridge), WorkCentre 6515 before 65.65.51 and 65.59.11 (Bridge), VersaLink B400 before 37.65.51 and 37.59.01 (Bridge), B405 before 38.65.51 and 38.59.01 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：57 | 回复：0
CVE漏洞

CVE-2021-28671

Xerox Phaser 6510 before 64.65.51 and 64.59.11 (Bridge), WorkCentre 6515 before 65.65.51 and 65.59.11 (Bridge), VersaLink B400 before 37.65.51 and 37.59.01 (Bridge), B405 before 38.65.51 and 38.59.01 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：48 | 回复：0
CVE漏洞

CVE-2021-27276

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit thi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：48 | 回复：0
CVE漏洞

CVE-2021-27275

This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authen ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-27274

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Authentication is not required to exploit this vul ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：50 | 回复：0
CVE漏洞

CVE-2021-27273

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit thi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：197 | 回复：0
CVE漏洞

CVE-2021-27272

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit thi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-27245

This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 prior to Archer C7(US)_V5_210125 and Archer A7(US)_V5_200220 AC1750 routers. Authentication is not required t ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-27244

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute low-privil ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：69 | 回复：0
CVE漏洞

CVE-2021-27243

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute low-privileged code o ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：59 | 回复：0
CVE漏洞

CVE-2021-27242

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute low-privileged code o ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-27241

This vulnerability allows local attackers to delete arbitrary directories on affected installations of Avast Premium Security 20.8.2429 (Build 20.8.5653.561). An attacker must first obtain the ability ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：49 | 回复：0
CVE漏洞

CVE-2021-27240

This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Patch Manager 2020.2.1. An attacker must first obtain the ability to execute low-privileged cod ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：62 | 回复：0
CVE漏洞

CVE-2021-27239

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-3391

MobileIron Mobile@Work through 2021-03-22 allows attackers to distinguish among valid, disabled, and nonexistent user accounts by observing the number of failed login attempts needed to produce a Lock ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：59 | 回复：0
CVE漏洞

CVE-2021-28673

Xerox Phaser 6510 before 64.61.23 and 64.59.11 (Bridge), WorkCentre 6515 before 65.61.23 and 65.59.11 (Bridge), VersaLink B400 before 37.61.23 and 37.59.01 (Bridge), B405 before 38.61.23 and 38.59.01 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：45 | 回复：0
CVE漏洞

CVE-2021-28669

Xerox AltaLink B80xx before 103.008.020.23120, C8030/C8035 before 103.001.020.23120, C8045/C8055 before 103.002.020.23120 and C8070 before 103.003.020.23120 provide the ability to set configuration at ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：48 | 回复：0
CVE漏洞

CVE-2021-28668

Xerox AltaLink B80xx before 103.008.020.23120, C8030/C8035 before 103.001.020.23120, C8045/C8055 before 103.002.020.23120 and C8070 before 103.003.020.23120 has several SQL injection vulnerabilities.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：45 | 回复：0
CVE漏洞

CVE-2021-26714

The Enterprise License Manager portal in Mitel MiContact Center Enterprise before 9.4 could allow a user to access restricted files and folders due to insufficient access control. A successful exploit ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-25144

A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 an ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-25143

A remote denial of service (dos) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.9 and ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：58 | 回复：0
CVE漏洞

CVE-2020-35138

** DISPUTED ** The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded encryption key, used to encrypt the submission of username/password details during the authentication pr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：44 | 回复：0
CVE漏洞

CVE-2020-35137

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: the reported issue is not a vulnerability or exposure. Notes: This is an opt-in feature to the product - it is not enabled by d ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：30 | 回复：0
CVE漏洞

CVE-2020-25583

In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 when processing a DNSSL option, rtsold(8) decodes domain n ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：39 | 回复：0
CVE漏洞

CVE-2020-25577

In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 rtsold(8) does not verify that the RDNSS option does not e ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：41 | 回复：0
CVE漏洞

CVE-2020-24636

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：48 | 回复：0
CVE漏洞

CVE-2020-24635

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-29417

gitjacker before 0.1.0 allows remote attackers to execute arbitrary code via a crafted .git directory because of directory traversal.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-29416

An issue was discovered in PortSwigger Burp Suite before 2021.2. During viewing of a malicious request, it can be manipulated into issuing a request that does not respect its upstream proxy configurat ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-28670

Xerox AltaLink B8045/B8090 before 103.008.030.32000, C8030/C8035 before 103.001.030.32000, C8045/C8055 before 103.002.030.32000 and C8070 before 103.003.030.32000 allow unauthorized users, by leveragi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：37 | 回复：0
CVE漏洞

CVE-2020-25218

Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allow Authentication Bypass in its administrative web interface.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：43 | 回复：0
CVE漏洞

CVE-2020-25217

Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allows Command Injection as root in its administrative web interface.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：37 | 回复：0
CVE漏洞

CVE-2021-29267

Sherlock SherlockIM through 2021-03-29 allows Cross Site Scripting (XSS) by leveraging the api/Files/Attachment URI to attack help-desk staff via the chatbot feature.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：47 | 回复：0
CVE漏洞

CVE-2021-27352

An open redirect vulnerability in Ilch CMS version 2.1.42 allows attackers to redirect users to an attacker's site after a successful login.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：52 | 回复：0
CVE漏洞

CVE-2021-21727

A ZTE product has a DoS vulnerability. A remote attacker can amplify traffic by sending carefully constructed IPv6 packets to the affected devices, which eventually leads to device denial of service. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：65 | 回复：0
CVE漏洞

CVE-2020-7850

NBBDownloader.ocx ActiveX Control in Groupware contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the activex method. A remote attacker co ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：73 | 回复：0
CVE漏洞

CVE-2019-5317

A local authentication bypass vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：47 | 回复：0
CVE漏洞

CVE-2021-23358

The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is pa ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：57 | 回复：0
CVE漏洞

CVE-2021-28937

The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) contains the administrator account password in plaintext. The page can be intercepted ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:55 | 阅读：53 | 回复：0