
Vulnerabilities

Subcategories:

  • CVE-2021-25299
    Nagios XI version xi-5.7.5 is affected by cross-site scripting (XSS). The vulnerability exists in the file /usr/local/nagiosxi/html/admin/sshterm.php due to improper sanitization of user-controlled in ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 36 | Replies: 0
  • CVE-2021-25298
    Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php due to improper sanitizat ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 27 | Replies: 0
  • CVE-2021-25297
    Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php due to improper sanitization ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 39 | Replies: 0
  • CVE-2021-25296
    Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php due to improper sanit ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 38 | Replies: 0
  • CVE-2021-23337
    Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 26 | Replies: 0
  • CVE-2021-23336
    The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 21 | Replies: 0
  • CVE-2020-28500
    Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 21 | Replies: 0
  • CVE-2021-21702
    In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a respon ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 24 | Replies: 0
  • CVE-2020-7071
    In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept a URL with invalid password as valid U ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 18 | Replies: 0
  • CVE-2020-29451
    Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate Jira projects via an Information Disclosure vulnerability in the Jira Projects plugin report page. The af ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 45 | Replies: 0
  • CVE-2020-36237
    Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field options via an Information Disclosure vulnerability in the /rest/api/2/customFiel ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 19 | Replies: 0
  • CVE-2020-36236
    Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the ViewWorkflowSchemes.jspa ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 26 | Replies: 0
  • CVE-2020-36235
    Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field and custom SLA names via an Information Disclosure vulnerability in the mobile si ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 18 | Replies: 0
  • CVE-2020-36234
    Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Screens Modal view. The a ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 22 | Replies: 0
  • CVE-2021-27213
    config.py in pystemon before 2021-02-13 allows code execution via YAML deserialization because SafeLoader and safe_load are not used.
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 23 | Replies: 0
  • CVE-2021-26929
    An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaSc ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 28 | Replies: 0
  • CVE-2019-25019
    LimeSurvey before 4.0.0-RC4 allows SQL injection via the participant model.
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 25 | Replies: 0
  • CVE-2021-27212
    In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 23 | Replies: 0
  • CVE-2021-27210
    TP-Link Archer C5v 1.7_181221 devices allow remote attackers to retrieve cleartext credentials via 0,0 to the /cgi?15 URI.
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 16 | Replies: 0
  • CVE-2021-27209
    In the management interface on TP-Link Archer C5v 1.7_181221 devices, credentials are sent in a base64 format over cleartext HTTP.
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 16 | Replies: 0
  • CVE-2021-26753
    NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. This allows an attacker to obtain access to th ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 28 | Replies: 0
  • CVE-2021-26752
    NeDi 1.9C allows an authenticated user to execute operating system commands in the Nodes Traffic function on the endpoint /Nodes-Traffic.php via the md or ag HTTP GET parameter. This allows an attacke ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 25 | Replies: 0
  • CVE-2021-26751
    NeDi 1.9C allows an authenticated user to perform a SQL Injection in the Monitoring History function on the endpoint /Monitoring-History.php via the det HTTP GET parameter. This allows an attacker to ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 22 | Replies: 0
  • CVE-2021-22984
    On BIG-IP Advanced WAF and ASM version 15.1.x before 15.1.0.2, 15.0.x before 15.0.1.4, 14.1.x before 14.1.2.5, 13.1.x before 13.1.3.4, 12.1.x before 12.1.5.2, and 11.6.x before 11.6.5.2, when receivin ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 13 | Replies: 0
  • CVE-2021-22978
    On BIG-IP version 16.0.x before 16.0.1, 15.1.x before 15.1.1, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.5, and all 12.1.x and 11.6.x versions, undisclosed endpoints in iControl REST allow for a ref ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 22 | Replies: 0
  • CVE-2021-22977
    On BIG-IP version 16.0.0-16.0.1 and 14.1.2.4-14.1.3, cooperation between malicious HTTP client code and a malicious server may cause TMM to restart and generate a core file. Note: Software versions wh ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 26 | Replies: 0
  • CVE-2021-22504
    Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 34 | Replies: 0
  • CVE-2020-13949
    In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service.
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 36 | Replies: 0
  • CVE-2021-1239
    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) a ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 44 | Replies: 0
  • CVE-2021-1238
    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) a ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 42 | Replies: 0
  • CVE-2021-1237
    A vulnerability in the Network Access Manager and Web Security Agent components of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL inj ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 40 | Replies: 0
  • CVE-2021-1236
    Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 36 | Replies: 0
  • CVE-2021-1226
    A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Pr ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 33 | Replies: 0
  • CVE-2021-1224
    Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 35 | Replies: 0
  • CVE-2021-1223
    Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerabilit ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 54 | Replies: 0
  • CVE-2021-1217
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 40 | Replies: 0
  • CVE-2021-1216
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 36 | Replies: 0
  • CVE-2021-1215
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 53 | Replies: 0
  • CVE-2021-1214
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 42 | Replies: 0
  • CVE-2021-1213
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:43 | Views: 36 | Replies: 0
