CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-20881

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：500 | 回复：0
CVE-2022-20882

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：387 | 回复：0
CVE-2022-20883

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：429 | 回复：0
CVE-2022-20884

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：463 | 回复：0
CVE-2022-32556

An issue was discovered in Couchbase Server before 7.0.4. A private key is leaked to the log files with certain crashes.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：561 | 回复：0
CVE-2022-20885

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：447 | 回复：0
CVE-2022-20886

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：374 | 回复：0
CVE-2022-20887

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：380 | 回复：0
CVE-2022-20888

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：391 | 回复：0
CVE-2022-20889

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：337 | 回复：0
CVE-2022-20890

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：393 | 回复：0
CVE-2022-0902

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in flo ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：402 | 回复：0
CVE-2022-28860

An authentication downgrade in the server in Citilog 8.0 allows an attacker (in a man in the middle position between the server and its smart camera Axis M1125) to achieve HTTP access to the camera.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：384 | 回复：0
CVE-2022-28861

The server in Citilog 8.0 allows an attacker (in a man in the middle position between the server and its smart camera Axis M1125) to see FTP credentials in a cleartext HTTP traffic. These can be used ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：359 | 回复：0
CVE-2022-28877

This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure WithSecure window ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：1651 | 回复：0
CVE-2022-30628

It was possible to download all receipts without authentication. Must first access the API https://XXXX.supersmart.me/services/v4/customer/signin to get a TOKEN. Then you can then access the API that ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：402 | 回复：0
CVE-2022-32289

Cross-Site Request Forgery (CSRF) vulnerability in Sygnoos Popup Builder plugin = 4.1.0 at WordPress leading to popup status change.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：440 | 回复：0
CVE-2022-32430

An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the application.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：480 | 回复：0
CVE-2022-34767

Web page which wizardpwd.asp ALLNET Router model WR0500AC is prone to Authorization bypass vulnerability – the password, located at admin allows changing the http://wizardpwd.asp/cgi-bin. Does not va ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：346 | 回复：0
CVE-2022-36313

An issue was discovered in the file-type package before 16.5.4 and 17.x before 17.1.3 for Node.js. A malformed MKV file could cause the file type detector to get caught in an infinite loop. This would ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：364 | 回复：0
CVE-2022-28666

Broken Access Control vulnerability in YIKES Inc. Custom Product Tabs for WooCommerce plugin = 1.7.7 at WordPress leading to yikes-the-content-toggle option update.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：565 | 回复：0
CVE-2022-30337

Cross-Site Request Forgery (CSRF) vulnerability in JoomUnited WP Meta SEO plugin = 4.4.8 at WordPress allows an attacker to update the social settings.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：439 | 回复：0
CVE-2022-35899

There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILES(X86)%\ASUS\GameSDK.exe ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：419 | 回复：0
CVE-2022-28700

Authenticated Arbitrary File Creation via Export function vulnerability in GiveWP's GiveWP plugin = 2.20.2 at WordPress.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：331 | 回复：0
CVE-2022-30536

Authenticated Stored Cross-Site Scripting (XSS) vulnerability in Florent Maillefaud's WP Maintenance plugin = 6.0.7 at WordPress.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：382 | 回复：0
CVE-2022-31475

Authenticated (custom plugin role) Arbitrary File Read via Export function vulnerability in GiveWP's GiveWP plugin = 2.20.2 at WordPress.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：423 | 回复：0
CVE-2022-33198

Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari's Accordions plugin = 2.0.2 at WordPress.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：342 | 回复：0
CVE-2022-34487

Unauthenticated Arbitrary Option Update vulnerability in biplob018's Shortcode Addons plugin = 3.0.2 at WordPress.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：340 | 回复：0
CVE-2022-20891

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：469 | 回复：0
CVE-2022-0971

Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：358 | 回复：0
CVE-2022-0972

Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：329 | 回复：0
CVE-2022-0973

Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：371 | 回复：0
CVE-2022-0974

Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corr ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：367 | 回复：0
CVE-2022-0975

Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：339 | 回复：0
CVE-2022-0976

Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：338 | 回复：0
CVE-2022-0977

Use after free in Browser UI in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corru ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：304 | 回复：0
CVE-2022-20892

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：332 | 回复：0
CVE-2022-20893

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：300 | 回复：0
CVE-2022-20894

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：427 | 回复：0
CVE-2022-20895

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:18 | 阅读：408 | 回复：0