漏洞 - 第926页-OStack程序员社区-中国程序员成长平台

OStack程序员社区-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2020-36233

The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileg ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：28 | 回复：0
CVE漏洞

CVE-2020-35776

A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote attacker to crash Asterisk by deliberately misusing SIP 181 responses.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-35592

Pi-hole 5.0, 5.1, and 5.1.1 allows XSS via the Options header to the admin/ URI. A remote user is able to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and ac ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：20 | 回复：0
CVE漏洞

CVE-2020-35591

Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation. The application does not generate a new session cookie after the user is logged in. A malicious user is able to create a new session cookie value a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-3271

PressBooks 5.17.3 contains a cross-site scripting (XSS). Stored XSS can be submitted via the Book Info's Long Description Body, and all actions to open or preview the books page will result in the ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-27335

KollectApps before 4.8.16c is affected by insecure Java deserialization, leading to Remote Code Execution via a ysoserial.payloads.CommonsCollections parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-27329

Friendica 2021.01 allows SSRF via parse_url?binurl= for DNS lookups or HTTP requests to arbitrary domain names.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-21318

Opencast is a free, open-source platform to support the management of educational audio and video content. In Opencast before version 9.2 there is a vulnerability in which publishing an episode with s ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-27379

An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privile ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：25 | 回复：0
CVE漏洞

CVE-2019-18243

HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through the registry. This may allow privilege escalation.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-23341

The package prismjs before 1.23.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-28499

All versions of package merge are vulnerable to Prototype Pollution via _recursiveMerge .……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：13 | 回复：0
CVE漏洞

CVE-2020-28491

This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation of byte buffer can cause a java.lang ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：16 | 回复：0
CVE漏洞

CVE-2020-28463

All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags. In order to reduce risk, use trustedSchemes trustedHosts (see in Reportlab's documentation) St ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-23340

This affects the package pimcore/pimcore before 6.8.8. A Local FIle Inclusion vulnerability exists in the downloadCsvAction function of the CustomReportController class (bundles/AdminBundle/Controller ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-20446

IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionali ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-2054

Vulnerability in the RDBMS Sharding component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacke ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-2052

Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards (component: E1 IOT Orchestrator Security). The supported version that is affected is Prior to 9.2.5.1. Easily ex ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-2051

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-2050

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-2049

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Administration). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Eas ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-2048

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.22 and prior. Difficult to exploit vulnerability allows high privileged atta ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-2047

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, and 12.2.1.3.0. Easily ex ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-2046

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-2045

Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-2044

Vulnerability in the PeopleSoft Enterprise FIN Payables product of Oracle PeopleSoft (component: Financial Sanctions). The supported version that is affected is 9.2. Easily exploitable vulnerability a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-2043

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-2042

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attack ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-2041

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Installation). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-2040

Vulnerability in the Oracle Argus Safety product of Oracle Health Sciences Applications (component: Case Form, Local Affiliate Form). The supported version that is affected is 8.2.2. Easily exploitabl ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：45 | 回复：0
CVE漏洞

CVE-2021-2039

Vulnerability in the Siebel Core - Server Framework product of Oracle Siebel CRM (component: Search). Supported versions that are affected are 20.12 and prior. Easily exploitable vulnerability allows ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-2038

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.22 and prior. Difficult to exploit vulnerability allows ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-2036

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privil ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：41 | 回复：0
CVE漏洞

CVE-2021-2035

Vulnerability in the RDBMS Scheduler component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileg ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-2034

Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Tasks). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：40 | 回复：0
CVE漏洞

CVE-2021-2033

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core Components). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-2032

Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerabil ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-2031

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privil ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-2030

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privil ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-2029

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: Miscellaneous). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.8. Easily exploitable vulner ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：24 | 回复：0