
Vulnerabilities

Subcategories:

  • CVE-2022-33994
    The Gutenberg plugin through 13.7.3 for WordPress allows stored XSS by the Contributor role via an SVG document to the Insert from URL feature. NOTE: the XSS payload does not execute in the context of ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 80 | Replies: 0
  • CVE-2022-36336
    A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local attacker to escalate privileges on affected installations. T ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 80 | Replies: 0
  • CVE-2022-35234
    Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory l ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 82 | Replies: 0
  • CVE-2022-33158
    Trend Micro VPN Proxy Pro version 5.2.1026 and below contains a vulnerability involving some overly permissive folders in a key directory which could allow a local attacker to obtain privilege escalat ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 85 | Replies: 0
  • CVE-2022-30083
    EllieGrid Android Application version 3.4.1 is vulnerable to Code Injection. The application appears to evaluate user input as code (remote).……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 79 | Replies: 0
  • CVE-2021-27785
    HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the websi ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 84 | Replies: 0
  • CVE-2022-34531
    DedeCMS v5.7.95 was discovered to contain a remote code execution (RCE) vulnerability via the component mytag_ main.php.……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 80 | Replies: 0
  • CVE-2022-34528
    D-Link DSL-3782 v1.03 and below was discovered to contain a stack overflow via the function getAttrValue.……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 78 | Replies: 0
  • CVE-2022-34527
    D-Link DSL-3782 v1.03 and below was discovered to contain a command injection vulnerability via the function byte_4C0160.……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 75 | Replies: 0
  • CVE-2022-34526
    A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file.……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 73 | Replies: 0
  • CVE-2022-34496
    Hiby R3 PRO firmware v1.5 to v1.7 was discovered to contain a file upload vulnerability via the file upload feature.……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 78 | Replies: 0
  • CVE-2022-36447
    An inflation issue was discovered in Chia Network CAT1 Standard 1.0.0. Previously minted tokens minted on the Chia blockchain using the CAT1 standard can be inflated to an arbitrary extent by any hold ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 73 | Replies: 0
  • CVE-2022-2324
    Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. This vulnerability impacts 10.0.17.7319 and ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 76 | Replies: 0
  • CVE-2022-22280
    Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 71 | Replies: 0
  • CVE-2022-2323
    Improper neutralization of special elements used in a user input allows an authenticated malicious user to perform remote code execution in the host system. This vulnerability impacts SonicWall Switch ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 75 | Replies: 0
  • CVE-2022-27866
    A maliciously crafted TIFF file when consumed through DesignReview.exe application can be forced to read beyond allocated boundaries when parsing the TIFF file. This vulnerability in conjunction with ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 77 | Replies: 0
  • CVE-2022-27865
    A maliciously crafted TGA or PCX file may be used to write beyond the allocated buffer through DesignReview.exe application while parsing TGA and PCX files. This vulnerability may be exploited to exec ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 71 | Replies: 0
  • CVE-2022-27864
    A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit t ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 69 | Replies: 0
  • CVE-2022-36378
    Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in PluginlySpeaking Floating Div plugin = 3.0 at WordPress.……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 65 | Replies: 0
  • CVE-2022-2414
    Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sendi ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 63 | Replies: 0
  • CVE-2022-23004
    When computing a shared secret or point multiplication on the NIST P-256 curve using a public key with an X coordinate of zero, an error is returned from the library, and an invalid unreduced value is ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 63 | Replies: 0
  • CVE-2022-23003
    When computing a shared secret or point multiplication on the NIST P-256 curve that results in an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 71 | Replies: 0
  • CVE-2022-23002
    When compressing or decompressing a point on the NIST P-256 elliptic curve with an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The r ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 67 | Replies: 0
  • CVE-2022-23001
    When compressing or decompressing elliptic curve points using the Sweet B library, an incorrect choice of sign bit is used. An attacker with user level privileges and no other user's assistance ca ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 67 | Replies: 0
  • CVE-2022-35632
    The Velociraptor GUI contains an editor suggestion feature that can display the description field of a VQL function, plugin or artifact. This field was not properly sanitized and can lead to cross-sit ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 70 | Replies: 0
  • CVE-2022-35631
    On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable file name with a symlink to another file and have the Velociraptor client overwrite the other file. Thi ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 72 | Replies: 0
  • CVE-2022-35630
    A cross-site scripting (XSS) issue in generating a collection report made it possible for malicious clients to inject JavaScript code into the static HTML file. This issue was resolved in Velociraptor ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 66 | Replies: 0
  • CVE-2022-35629
    Due to a bug in the handling of the communication between the client and server, it was possible for one client, already registered with their own client ID, to send messages to the server claiming to ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 71 | Replies: 0
  • CVE-2022-33881
    Parsing a maliciously crafted PRT file can force Autodesk AutoCAD 2023 to read beyond allocated boundaries. This vulnerability in conjunction with other vulnerabilities could lead to code execution in ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 73 | Replies: 0
  • CVE-2022-2579
    A vulnerability, which was classified as problematic, was found in SourceCodester Garage Management System 1.0. Affected is an unknown function of the file /php_action/createUser.php. The manipulation ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 71 | Replies: 0
  • CVE-2022-2578
    A vulnerability, which was classified as critical, has been found in SourceCodester Garage Management System 1.0. This issue affects some unknown processing of the file /php_action/createUser.php. The ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 47 | Replies: 0
  • CVE-2022-2577
    A vulnerability classified as critical was found in SourceCodester Garage Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument id ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 47 | Replies: 0
  • CVE-2022-27873
    An attacker can force the victim’s device to perform arbitrary HTTP requests in WAN through a malicious SVG file being parsed by Autodesk Fusion 360’s document parser. The vulnerability exists in th ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 43 | Replies: 0
  • CVE-2016-4981
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-4982. Reason: This candidate is a duplicate of CVE-2016-4982. Notes: All CVE users should reference CVE-2016-4982 instead of this ca ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 45 | Replies: 0
  • CVE-2022-36123
    The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 43 | Replies: 0
  • CVE-2022-35643
    IBM PowerVM VIOS 3.1 could allow a remote attacker to tamper with system configuration or cause a denial of service. IBM X-Force ID: 230956.……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 42 | Replies: 0
  • CVE-2022-2576
    In Eclipse Californium version 2.0.0 to 2.7.2 and 3.0.0-3.5.0 a DTLS resumption handshake falls back to a DTLS full handshake on a parameter mismatch without using a HelloVerifyRequest. Especially, if ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 45 | Replies: 0
  • CVE-2022-1277
    Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 42 | Replies: 0
  • CVE-2022-24912
    The package github.com/runatlantis/atlantis/server/controllers/events before 0.19.7 are vulnerable to Timing Attack in the webhook event validator code, which does not use a constant-time comparison f ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 43 | Replies: 0
  • CVE-2022-1799
    Incorrect signature trust exists within Google Play services SDK play-services-basement. A debug version of Google Play services is trusted by the SDK for devices that are non-GMS. We recommend upgrad ...……
    Author: 菜鸟教程小白 | Time: 2022-8-12 22:21 | Views: 46 | Replies: 0
