• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
OGeek|极客世界-中国程序员成长平台 门户 漏洞CVE漏洞

CVE漏洞

RSS
  • CVE-2022-36902
    CVE-2022-36902
    Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier does not escape several fields of Moded Extended Choice parameters, resulting in a stored cross-site scripting (XSS) vulnerability ex ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:19 | 阅读:574 | 回复:0
  • CVE-2022-36903
    CVE-2022-36903
    A missing permission check in Jenkins Repository Connector Plugin 2.2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:19 | 阅读:532 | 回复:0
  • CVE-2022-36904
    CVE-2022-36904
    Jenkins Repository Connector Plugin 2.2.0 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the exi ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:19 | 阅读:523 | 回复:0
  • CVE-2022-36905
    CVE-2022-36905
    Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.2 and earlier does not perform URL validation for the Repository Base URL of List maven artifact versions parameters, resulting in a stored ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:19 | 阅读:790 | 回复:0
  • CVE-2022-36906
    CVE-2022-36906
    A cross-site request forgery (CSRF) vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:19 | 阅读:505 | 回复:0
  • CVE-2022-36907
    CVE-2022-36907
    A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified usernam ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:19 | 阅读:621 | 回复:0
  • CVE-2022-36908
    CVE-2022-36908
    A cross-site request forgery (CSRF) vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to check for the existence of an attacker-specified file path on the Jenkins c ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:19 | 阅读:603 | 回复:0
  • CVE-2022-36909
    CVE-2022-36909
    A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jen ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:19 | 阅读:500 | 回复:0
  • CVE-2022-36910
    CVE-2022-36910
    Jenkins Lucene-Search Plugin 370.v62a5f618cd3a and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to reindex the database and to ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:19 | 阅读:512 | 回复:0
  • CVE-2022-36911
    CVE-2022-36911
    A cross-site request forgery (CSRF) vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:19 | 阅读:545 | 回复:0
  • CVE-2022-36912
    CVE-2022-36912
    A missing permission check in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:19 | 阅读:595 | 回复:0
  • CVE-2022-36913
    CVE-2022-36913
    Jenkins Openstack Heat Plugin 1.5 and earlier does not perform permission checks in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:19 | 阅读:838 | 回复:0
  • CVE-2022-36914
    CVE-2022-36914
    Jenkins Files Found Trigger Plugin 1.5 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existe ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:19 | 阅读:775 | 回复:0
  • CVE-2022-29923
    CVE-2022-29923
    Authenticated (admin or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in ThingsForRestaurants Quick Restaurant Reservations plugin = 1.4.1 at WordPress.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:581 | 回复:0
  • CVE-2022-31160
    CVE-2022-31160
    jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializin ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:612 | 回复:0
  • CVE-2022-34586
    CVE-2022-34586
    itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via the grade parameter at /school/view/student_grade_wise.php.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:415 | 回复:0
  • CVE-2022-34588
    CVE-2022-34588
    itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via the grade parameter at /school/view/timetable_insert_form.php.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:576 | 回复:0
  • CVE-2022-34590
    CVE-2022-34590
    Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in /HMS/admin.php.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:444 | 回复:0
  • CVE-2020-36557
    CVE-2020-36557
    A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:373 | 回复:0
  • CVE-2020-36558
    CVE-2020-36558
    A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:354 | 回复:0
  • CVE-2022-20857
    CVE-2022-20857
    Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request f ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:395 | 回复:0
  • CVE-2022-20858
    CVE-2022-20858
    Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request f ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:368 | 回复:0
  • CVE-2022-20860
    CVE-2022-20860
    A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive information ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:381 | 回复:0
  • CVE-2022-20861
    CVE-2022-20861
    Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request f ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:342 | 回复:0
  • CVE-2022-20873
    CVE-2022-20873
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:527 | 回复:0
  • CVE-2022-20874
    CVE-2022-20874
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:411 | 回复:0
  • CVE-2022-20875
    CVE-2022-20875
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:330 | 回复:0
  • CVE-2022-20876
    CVE-2022-20876
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:432 | 回复:0
  • CVE-2022-20877
    CVE-2022-20877
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:381 | 回复:0
  • CVE-2022-20878
    CVE-2022-20878
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:512 | 回复:0
  • CVE-2022-20879
    CVE-2022-20879
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:397 | 回复:0
  • CVE-2022-20880
    CVE-2022-20880
    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:387 | 回复:0
  • CVE-2022-22555
    CVE-2022-22555
    Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:855 | 回复:0
  • CVE-2022-31146
    CVE-2022-31146
    Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime's code generator, Cranelift, where functions using reference types may be incorrectly missing metadata required for ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:308 | 回复:0
  • CVE-2022-31151
    CVE-2022-31151
    Authorization headers are cleared on cross-origin redirect. However, cookie headers which are sensitive headers and are official headers found in the spec, remain uncleared. There are active users usi ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:386 | 回复:0
  • CVE-2022-31171
    CVE-2022-31171
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-31159. Reason: This candidate is a reservation duplicate of CVE-2022-31159. Notes: All CVE users should reference CVE-2022-31159 ins ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:383 | 回复:0
  • CVE-2022-31234
    CVE-2022-31234
    Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts Vulnerability in PowerStore Manager GUI. A remote unauthenticated attacker could potentially exploit this v ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:477 | 回复:0
  • CVE-2022-32498
    CVE-2022-32498
    Dell EMC PowerStore, Versions prior to v3.0.0.0 contain a DLL Hijacking vulnerability in PSTCLI. A local attacker can potentially exploit this vulnerability to execute arbitrary code, escalate privile ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:458 | 回复:0
  • CVE-2022-33923
    CVE-2022-33923
    Dell PowerStore, versions prior to 3.0.0.0, contains an OS Command Injection vulnerability in PowerStore T environment. A locally authenticated attacker could potentially exploit this vulnerability, l ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:1436 | 回复:0
  • CVE-2022-34367
    CVE-2022-34367
    Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contain(s) a Cross-Site Request Forgery Vulnerability. A(n) remote unauthenticated attacker could potentially exploit this ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:18 | 阅读:439 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap