• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号
登陆 注册
OStack程序员社区-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2020-8625
    CVE漏洞
    CVE-2020-8625
    BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is n ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:21 | 回复:0
  • CVE-2021-27374
    CVE漏洞
    CVE-2021-27374
    VertiGIS WebOffice 10.7 SP1 before patch20210202 and 10.8 SP1 before patch20210207 allows attackers to achieve Zugriff auf Inhalte der WebOffice Applikation.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:18 | 回复:0
  • CVE-2021-26720
    CVE漏洞
    CVE-2021-26720
    avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitr ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:45 | 回复:0
  • CVE-2020-36245
    CVE漏洞
    CVE-2020-36245
    GramAddict through 1.2.3 allows remote attackers to execute arbitrary code because of use of UIAutomator2 and ATX-Agent. The attacker must be able to reach TCP port 7912, e.g., by being on the same Wi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:28 | 回复:0
  • CVE-2021-3396
    CVE漏洞
    CVE-2021-3396
    OpenNMS Meridian 2016, 2017, 2018 before 2018.1.25, 2019 before 2019.1.16, and 2020 before 2020.1.5, Horizon 1.2 through 27.0.4, and Newts 1.5.3 has Incorrect Access Control, which allows local and re ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:19 | 回复:0
  • CVE-2021-27367
    CVE漏洞
    CVE-2021-27367
    Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:21 | 回复:0
  • CVE-2021-26911
    CVE漏洞
    CVE-2021-26911
    core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for IMAP in STARTTLS mode.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:16 | 回复:0
  • CVE-2020-25605
    CVE漏洞
    CVE-2020-25605
    Cleartext transmission of sensitive information in Agora Video SDK prior to 3.1 allows a remote attacker to obtain access to audio and video of any ongoing Agora video call through observation of clea ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:24 | 回复:0
  • CVE-2020-13555
    CVE漏洞
    CVE-2020-13555
    An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacke ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:15 | 回复:0
  • CVE-2020-13553
    CVE漏洞
    CVE-2020-13553
    An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation f ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:20 | 回复:0
  • CVE-2020-13552
    CVE漏洞
    CVE-2020-13552
    An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables i ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:17 | 回复:0
  • CVE-2020-13551
    CVE漏洞
    CVE-2020-13551
    An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an atta ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:18 | 回复:0
  • CVE-2020-13550
    CVE漏洞
    CVE-2020-13550
    A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can se ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:9 | 回复:0
  • CVE-2021-1416
    CVE漏洞
    CVE-2021-1416
    Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to imp ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:13 | 回复:0
  • CVE-2021-1412
    CVE漏洞
    CVE-2021-1412
    Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to imp ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:34 | 回复:0
  • CVE-2021-1378
    CVE漏洞
    CVE-2021-1378
    A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:21 | 回复:0
  • CVE-2021-1372
    CVE漏洞
    CVE-2021-1372
    A vulnerability in Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system. ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:19 | 回复:0
  • CVE-2021-1366
    CVE漏洞
    CVE-2021-1366
    A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:13 | 回复:0
  • CVE-2021-1351
    CVE漏洞
    CVE-2021-1351
    A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interf ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:18 | 回复:0
  • CVE-2021-27362
    CVE漏洞
    CVE-2021-27362
    The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read Access Violation on Control Flow starting at WPG!ReadWPG_W+0x0000000000000133, which might allow remote attackers to execute arbitrary code.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:20 | 回复:0
  • CVE-2021-27224
    CVE漏洞
    CVE-2021-27224
    The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a user-mode write access violation starting at WPG+0x0000000000012ec6, which might allow remote attackers to execute arbitrary code.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:16 | 回复:0
  • CVE-2021-26809
    CVE漏洞
    CVE-2021-26809
    PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:19 | 回复:0
  • CVE-2021-26697
    CVE漏洞
    CVE-2021-26697
    The lineage endpoint of the deprecated Experimental API was not protected by authentication in Airflow 2.0.0. This allowed unauthenticated users to hit that endpoint. This is low-severity issue as the ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:18 | 回复:0
  • CVE-2021-26559
    CVE漏洞
    CVE-2021-26559
    Improper Access Control on Configurations Endpoint for the Stable API of Apache Airflow allows users with Viewer or User role to get Airflow Configurations including sensitive information even when ` ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:18 | 回复:0
  • CVE-2021-25780
    CVE漏洞
    CVE-2021-25780
    An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote attacker to upload content to the server, including P ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:11 | 回复:0
  • CVE-2021-25779
    CVE漏洞
    CVE-2021-25779
    Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:16 | 回复:0
  • CVE-2021-22174
    CVE漏洞
    CVE-2021-22174
    Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:10 | 回复:0
  • CVE-2021-22173
    CVE漏洞
    CVE-2021-22173
    Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:12 | 回复:0
  • CVE-2020-36003
    CVE漏洞
    CVE-2020-36003
    The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:16 | 回复:0
  • CVE-2020-36002
    CVE漏洞
    CVE-2020-36002
    Seat-Reservation-System 1.0 has a SQL injection vulnerability in index.php in the id parameter where attackers can obtain sensitive database information.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:18 | 回复:0
  • CVE-2020-35339
    CVE漏洞
    CVE-2020-35339
    In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:37 | 回复:0
  • CVE-2020-12365
    CVE漏洞
    CVE-2020-12365
    Untrusted pointer dereference in some Intel(R) Graphics Drivers before versions 15.33.51.5146, 15.45.32.5145, 15.36.39.5144 and 15.40.46.5143 may allow an authenticated user to potentially denial of s ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:29 | 回复:0
  • CVE-2021-22855
    CVE漏洞
    CVE-2021-22855
    The specific function of HR Portal of Soar Cloud System accepts any type of object to be deserialized. Attackers can send malicious serialized objects to execute arbitrary commands.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:15 | 回复:0
  • CVE-2021-22854
    CVE漏洞
    CVE-2021-22854
    The HR Portal of Soar Cloud System fails to filter specific parameters. Remote attackers can inject SQL syntax and obtain all data in the database without privilege.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:22 | 回复:0
  • CVE-2021-22853
    CVE漏洞
    CVE-2021-22853
    The HR Portal of Soar Cloud System fails to manage access control. While obtaining user ID, remote attackers can access sensitive data via a specific data packet, such as user’s login information ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:23 | 回复:0
  • CVE-2021-0109
    CVE漏洞
    CVE-2021-0109
    Insecure inherited permissions for the Intel(R) SOC driver package for STK1A32SC before version 604 may allow an authenticated user to potentially enable escalation of privilege via local access.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:18 | 回复:0
  • CVE-2020-8765
    CVE漏洞
    CVE-2020-8765
    Incorrect default permissions in the installer for the Intel(R) RealSense(TM) DCM may allow a privileged user to potentially enable escalation of privilege via local access.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:20 | 回复:0
  • CVE-2020-8701
    CVE漏洞
    CVE-2020-8701
    Incorrect default permissions in installer for the Intel(R) SSD Toolbox versions before 2/9/2021 may allow a privileged user to potentially enable escalation of privilege via local access.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:17 | 回复:0
  • CVE-2020-8678
    CVE漏洞
    CVE-2020-8678
    Improper access control for Intel(R) Graphics Drivers before version 15.45.33.5164 and 27.20.100.8280 may allow an authenticated user to potentially enable an escalation of privilege via local access.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:31 | 回复:0
  • CVE-2020-7849
    CVE漏洞
    CVE-2020-7849
    A vulnerability of uPrism.io CURIX(Video conferecing solution) could allow an unauthenticated attacker to execute arbitrary code. This vulnerability is due to insufficient input(server domain) validat ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:45 | 阅读:20 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap