
Vulnerabilities

Subcategories:

  • CVE-2019-18629
    Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow an attacker to execute an unwanted binary du ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 58 | Replies: 0
  • CVE-2019-18628
    Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow a user with administrative privileges to tur ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 68 | Replies: 0
  • CVE-2021-21331
    The Java client for the Datadog API before version 1.0.0-beta.9 has a local information disclosure of sensitive information downloaded via the API using the API Client. The Datadog API is executed on ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 66 | Replies: 0
  • CVE-2021-27940
    resources/public/js/orchestrator.js in openark orchestrator before 3.2.4 allows XSS via the orchestrator-msg parameter.
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 53 | Replies: 0
  • CVE-2021-27935
    An issue was discovered in AdGuard before 0.105.2. An attacker able to get the user's cookie is able to bruteforce their password offline, because the hash of the password is stored in the cookie. ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 63 | Replies: 0
  • CVE-2021-27931
    LumisXP (aka Lumis Experience Platform) before 10.0.0 allows unauthenticated blind XXE via an API request to PageControllerXml.jsp. One can send a request crafted with an XXE payload and achieve outco ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 61 | Replies: 0
  • CVE-2021-21314
    GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before version 9.5.4, there is an XSS vulnerabi ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 67 | Replies: 0
  • CVE-2021-21313
    GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before version 9.5.4, there is a vulnerability ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 56 | Replies: 0
  • CVE-2021-21312
    GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before version 9.5.4, there is a vulnerability ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 64 | Replies: 0
  • CVE-2021-27839
    A CSV injection vulnerability found in Online Invoicing System (OIS) 4.3 and below can be exploited by users to perform malicious actions such as redirecting admins to unknown or harmful websites, or ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 81 | Replies: 0
  • CVE-2021-22884
    Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an o ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 84 | Replies: 0
  • CVE-2021-22883
    Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a l ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 61 | Replies: 0
  • CVE-2021-22878
    Nextcloud Server prior to 20.0.6 is vulnerable to reflected cross-site scripting (XSS) due to lack of sanitization in `OC.Notification.show`.
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 71 | Replies: 0
  • CVE-2021-22877
    A missing user check in Nextcloud prior to 20.0.6 inadvertently populates a user's own credentials for other users' external storage configuration when not already configured yet.
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 56 | Replies: 0
  • CVE-2021-22681
    Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLo ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 70 | Replies: 0
  • CVE-2021-22188
    An issue has been discovered in GitLab affecting all versions starting with 13.0. Confidential issue titles in GitLab were readable by an unauthorised user via branch logs.
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 72 | Replies: 0
  • CVE-2021-22182
    An issue has been discovered in GitLab affecting all versions starting with 13.7. GitLab was vulnerable to a stored XSS in merge request.
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 68 | Replies: 0
  • CVE-2021-21978
    VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input validation and lack of authorization leading to arbitrary file upload in logupload ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 76 | Replies: 0
  • CVE-2020-8296
    Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external storage is not configured.
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 80 | Replies: 0
  • CVE-2020-29047
    The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the thimpress_hotel_booking_1 cookie in load in includ ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 70 | Replies: 0
  • CVE-2020-28597
    A predictable seed vulnerability exists in the password reset functionality of Epignosis EfrontPro 5.2.21. By predicting the seed it is possible to generate the correct password reset 1-time token. An ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 52 | Replies: 0
  • CVE-2020-28591
    An out-of-bounds read vulnerability exists in the AMF File AMFParserContext::endElement() functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted AMF file can lead to i ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 66 | Replies: 0
  • CVE-2020-13558
    A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free.
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 67 | Replies: 0
  • CVE-2021-27927
    In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerAuthenticationUpdate controller lacks a CSRF protection me ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 64 | Replies: 0
  • CVE-2021-22683
    Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code ex ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 69 | Replies: 0
  • CVE-2021-22670
    An uninitialized pointer may be exploited in Fatek FvDesigner Version 1.5.76 and prior while the application is processing project files, allowing an attacker to craft a special project file that may ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 79 | Replies: 0
  • CVE-2021-22666
    Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a stack-based buffer overflow while project files are being processed, allowing an attacker to craft a special project file that may permit a ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 70 | Replies: 0
  • CVE-2021-22662
    A use after free issue has been identified in Fatek FvDesigner Version 1.5.76 and prior in the way the application processes project files, allowing an attacker to craft a special project file that ma ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 74 | Replies: 0
  • CVE-2021-22638
    Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds read while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code exe ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 51 | Replies: 0
  • CVE-2021-21979
    In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel 6, 7.30.1-debian-10-r108 for Laravel 7 and 8.5.11-debian-10-r0 for Laravel 8, the file /tmp/app/.env i ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 56 | Replies: 0
  • CVE-2021-20442
    IBM Security Verify Bridge contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 56 | Replies: 0
  • CVE-2021-20441
    IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196617.
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 56 | Replies: 0
  • CVE-2021-20233
    A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 c ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 73 | Replies: 0
  • CVE-2021-20225
    A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific s ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 67 | Replies: 0
  • CVE-2021-20076
    Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution (RCE) on the T ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 84 | Replies: 0
  • CVE-2020-27779
    A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing a privileged attacker to remove address ranges from memory creating an opportunity ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 57 | Replies: 0
  • CVE-2020-27749
    A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 48 | Replies: 0
  • CVE-2020-25647
    A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If pro ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 52 | Replies: 0
  • CVE-2020-25632
    A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leadi ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 61 | Replies: 0
  • CVE-2020-14372
    A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craf ...
    Author: 菜鸟教程小白 | Time: 2022-2-5 09:41 | Views: 65 | Replies: 0
