• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号
登陆 注册
OStack程序员社区-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2021-26304
    CVE漏洞
    CVE-2021-26304
    PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:39 | 回复:0
  • CVE-2021-26303
    CVE漏洞
    CVE-2021-26303
    PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the user-profile.php Full Name field.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:39 | 回复:0
  • CVE-2021-3341
    CVE漏洞
    CVE-2021-3341
    A path traversal vulnerability in the DxWebEngine component of DH2i DxEnterprise and DxOdyssey for Windows, version 19.5 through 20.x before 20.0.219.0, allows an attacker to read any file on the host ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:63 | 回复:0
  • CVE-2021-29265
    CVE漏洞
    CVE-2021-29265
    An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:59 | 回复:0
  • CVE-2021-29264
    CVE漏洞
    CVE-2021-29264
    An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negati ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:64 | 回复:0
  • CVE-2021-21396
    CVE漏洞
    CVE-2021-21396
    wire-server is an open-source back end for Wire, a secure collaboration platform. In wire-server from version 2021-02-16 and before version 2021-03-02, the client metadata of all users was exposed in ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:41 | 回复:0
  • CVE-2021-21374
    CVE漏洞
    CVE-2021-21374
    Nimble is a package manager for the Nim programming language. In Nim release versions before versions 1.2.10 and 1.4.4, nimble refresh fetches a list of Nimble packages over HTTPS without full verific ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:41 | 回复:0
  • CVE-2021-21373
    CVE漏洞
    CVE-2021-21373
    Nimble is a package manager for the Nim programming language. In Nim release versions before versions 1.2.10 and 1.4.4, nimble refresh fetches a list of Nimble packages over HTTPS by default. In case ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:59 | 回复:0
  • CVE-2021-21372
    CVE漏洞
    CVE-2021-21372
    Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitrar ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:36 | 回复:0
  • CVE-2021-20206
    CVE漏洞
    CVE-2021-20206
    An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:37 | 回复:0
  • CVE-2021-21411
    CVE漏洞
    CVE-2021-21411
    OAuth2-Proxy is an open source reverse proxy that provides authentication with Google, Github or other providers. The `--gitlab-group` flag for group-based authorization in the GitLab provider stopped ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:33 | 回复:0
  • CVE-2021-21389
    CVE漏洞
    CVE-2021-21389
    BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:57 | 回复:0
  • CVE-2020-7468
    CVE漏洞
    CVE-2020-7468
    In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a ftpd(8) bug in the implementation of the file system sa ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:37 | 回复:0
  • CVE-2020-7467
    CVE漏洞
    CVE-2020-7467
    In FreeBSD 12.2-STABLE before r365767, 11.4-STABLE before r365769, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a number of AMD virtualization instructions operate on ho ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:43 | 回复:0
  • CVE-2020-7464
    CVE漏洞
    CVE-2020-7464
    In FreeBSD 12.2-STABLE before r365730, 11.4-STABLE before r365738, 12.1-RELEASE before p10, 11.4-RELEASE before p4, and 11.3-RELEASE before p14, a programming error in the ure(4) device driver caused ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:80 | 回复:0
  • CVE-2020-7462
    CVE漏洞
    CVE-2020-7462
    In 11.4-PRERELEASE before r360733 and 11.3-RELEASE before p13, improper mbuf handling in the kernel causes a use-after-free bug by sending IPv6 Hop-by-Hop options over the loopback interface. The use- ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:43 | 回复:0
  • CVE-2020-7461
    CVE漏洞
    CVE-2020-7461
    In FreeBSD 12.1-STABLE before r365010, 11.4-STABLE before r365011, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, dhclient(8) fails to handle certain malformed input rela ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:32 | 回复:0
  • CVE-2020-25582
    CVE漏洞
    CVE-2020-25582
    In FreeBSD 12.2-STABLE before r369334, 11.4-STABLE before r369335, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 when a process, such as jexec(8) or killall(1), calls jail_attach(2) to enter a jai ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:43 | 回复:0
  • CVE-2020-25581
    CVE漏洞
    CVE-2020-25581
    In FreeBSD 12.2-STABLE before r369312, 11.4-STABLE before r369313, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 due to a race condition in the jail_remove(2) implementation, it may fail to kill s ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:54 | 回复:0
  • CVE-2020-25580
    CVE漏洞
    CVE-2020-25580
    In FreeBSD 12.2-STABLE before r369346, 11.4-STABLE before r369345, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 a regression in the login.access(5) rule processor has the effect of causing rules ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:40 | 回复:0
  • CVE-2020-25579
    CVE漏洞
    CVE-2020-25579
    In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 msdosfs(5) was failing to zero-fill a pair of padding fiel ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:43 | 回复:0
  • CVE-2020-25578
    CVE漏洞
    CVE-2020-25578
    In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 several file systems were not properly initializing the d_ ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:28 | 回复:0
  • CVE-2021-22194
    CVE漏洞
    CVE-2021-22194
    In all versions of GitLab, marshalled session keys were being stored in Redis.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:29 | 回复:0
  • CVE-2021-22184
    CVE漏洞
    CVE-2021-22184
    An information disclosure issue in GitLab starting from version 12.8 allowed a user with access to the server logs to see sensitive information that wasn't properly redacted.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:29 | 回复:0
  • CVE-2021-22180
    CVE漏洞
    CVE-2021-22180
    An issue has been discovered in GitLab affecting all versions starting from 13.4. Improper access control allows unauthorized users to access details on analytic pages.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:30 | 回复:0
  • CVE-2021-22172
    CVE漏洞
    CVE-2021-22172
    Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:32 | 回复:0
  • CVE-2021-21333
    CVE漏洞
    CVE-2021-21333
    Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the no ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:32 | 回复:0
  • CVE-2021-21332
    CVE漏洞
    CVE-2021-21332
    Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the pa ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:31 | 回复:0
  • CVE-2021-25372
    CVE漏洞
    CVE-2021-25372
    An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:17 | 回复:0
  • CVE-2021-25371
    CVE漏洞
    CVE-2021-25371
    A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:26 | 回复:0
  • CVE-2021-25370
    CVE漏洞
    CVE-2021-25370
    An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:36 | 回复:0
  • CVE-2021-25369
    CVE漏洞
    CVE-2021-25369
    An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:40 | 回复:0
  • CVE-2021-22886
    CVE漏洞
    CVE-2021-22886
    Rocket.Chat before 3.11, 3.10.5, 3.9.7, 3.8.8 is vulnerable to persistent cross-site scripting (XSS) using nested markdown tags allowing a remote attacker to inject arbitrary JavaScript in a message. ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:34 | 回复:0
  • CVE-2021-29255
    CVE漏洞
    CVE-2021-29255
    MicroSeven MYM71080i-B 2.0.5 through 2.0.20 devices send admin credentials in cleartext to pnp.microseven.com TCP port 7007. An attacker on the same network as the device can capture these credentials ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:40 | 回复:0
  • CVE-2021-21403
    CVE漏洞
    CVE-2021-21403
    In github.com/kongchuanhujiao/server before version 1.3.21 there is an authentication Bypass by Primary Weakness vulnerability. All users are impacted. This is fixed in version 1.3.21.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:25 | 回复:0
  • CVE-2020-28695
    CVE漏洞
    CVE-2020-28695
    Askey Fiber Router RTF3505VW-N1 BR_SV_g000_R3505VWN1001_s32_7 devices allow Remote Code Execution and retrieval of admin credentials to log into the Dashboard or login via SSH, leading to code executi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:33 | 回复:0
  • CVE-2021-20289
    CVE漏洞
    CVE-2021-20289
    A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the r ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:30 | 回复:0
  • CVE-2021-20285
    CVE漏洞
    CVE-2021-20285
    A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw allows attackers to cause a denial of service (SEGV or buffer overflow and application crash) or possibly have unspecified other ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:37 | 回复:0
  • CVE-2021-20284
    CVE漏洞
    CVE-2021-20284
    A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highe ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:76 | 回复:0
  • CVE-2021-20271
    CVE漏洞
    CVE-2021-20271
    A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signatu ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:54 | 阅读:203 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap