Timeline
May 26, 2022 19:34 Latest CVE
VersionVault Express exposes sensitive information that an attacker can use to impersonate the server or eavesdrop on communications with the server.

May 26, 2022 19:34 Latest CVE
User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed.

May 26, 2022 19:34 Latest CVE
Philips Interoperability Solution XDS versions 2.5 through 3.11 and 2018-1 through 2021-1 are vulnerable to clear text transmission of sensitive information when configured to use LDAP via TLS and where the domain controller returns LDAP referrals, which may allow an attacker to remotely read LDAP system credentials.

May 26, 2022 19:34 Latest CVE
When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which may allow reflected cross-site scripting.

May 26, 2022 19:34 Latest CVE
The affected Baker Hughes Bentley Nevada products (3500 System 1 6.x, Part No. 3060/00 versions 6.98 and prior, 3500 System 1, Part No. 3071/xx & 3072/xx versions 21.1 HF1 and prior, 3500 Rack Configuration, Part No. 129133-01 versions 6.4 and prior, and 3500/22M Firmware, Part No. 288055-01 versions 5.05 and prior) utilize a weak encryption algorithm for storage and transmission of sensitive data, which may allow an attacker to more easily obtain credentials used for access.

May 26, 2022 19:34 Latest CVE
A cross-site request forgery (CSRF) vulnerability has been reported to affect QNAP devices running Proxy Server. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Proxy Server: QTS 4.5.x: Proxy Server 1.4.2 (2021/12/30) and later; QuTS hero h5.0.0: Proxy Server 1.4.3 (2022/01/18) and later; QuTScloud c4.5.6: Proxy Server 1.4.2 (2021/12/30) and later.

May 26, 2022 19:34 Latest CVE
Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user, database name, and database version information, and potentially database data.

May 26, 2022 19:34 Latest CVE
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 11.0.5 and 11.1.0-next.3 is able to address this issue. The name of the patch is ba8da742e3b243e8f43d4c63aa842b44e14f2b09. It is recommended to upgrade the affected component.

May 26, 2022 19:34 Latest CVE
Docker Desktop 4.3.0 has Incorrect Access Control.

May 26, 2022 19:34 Latest CVE
radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser.

May 26, 2022 19:34 Latest CVE
A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with world-readable permission, allowing an unprivileged user to lock the state file, stopping any rotation. This flaw affects logrotate versions before 3.20.0.

May 26, 2022 19:34 Latest CVE
An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.

May 26, 2022 19:34 Latest CVE
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2.

May 26, 2022 19:34 Latest CVE
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.

May 26, 2022 19:34 Latest CVE
SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0.

May 26, 2022 19:34 Latest CVE
A Missing Encryption of Sensitive Data vulnerability in SUSE Rancher, Rancher allows attackers on the network to read and change network data due to missing encryption of data transmitted via the network when a cluster is created from an RKE template with the CNI value overridden. This issue affects: SUSE Rancher Rancher versions prior to 2.5.14; Rancher versions prior to 2.6.5.

May 26, 2022 19:34 Latest CVE
Tableau is aware of a broken access control vulnerability present in Tableau Server affecting Tableau Server customers using Local Identity Store for managing users. The vulnerability allows a malicious site administrator to change passwords for users in different sites hosted on the same Tableau Server, resulting in the potential for unauthorized access to data. Tableau Server versions affected are: 2020.4.16, 2021.1.13, 2021.2.10, 2021.3.9, 2021.4.4 and earlier. Note: All future releases of Tableau Server will address this security issue. Versions that are no longer supported are not tested and may be vulnerable.

May 26, 2022 19:34 Latest CVE
TrueStack Direct Connect 1.4.7 has Incorrect Access Control.

May 26, 2022 19:34 Latest CVE
A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to loss of communications. An attacker can send a network request to trigger this vulnerability.

May 26, 2022 19:34 Latest CVE
An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of a custom Security Group. An attacker can send a sequence of requests to trigger this vulnerability.

May 26, 2022 19:34 Latest CVE
An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to arbitrary file read. An attacker can send a sequence of requests to trigger this vulnerability.

May 26, 2022 19:34 Latest CVE
A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.

May 26, 2022 19:34 Latest CVE
A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.

May 26, 2022 19:34 Latest CVE
An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of an OAS user account. An attacker can send a sequence of requests to trigger this vulnerability.

May 26, 2022 19:34 Latest CVE
An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this vulnerability.

May 26, 2022 19:34 Latest CVE
HashiCorp go-getter before 2.0.2 allows Command Injection.

May 26, 2022 19:34 Latest CVE
An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to a disclosure of sensitive information. An attacker can send a network request to trigger this vulnerability.

May 26, 2022 19:34 Latest CVE
Gibbon v23 does not generate a new session ID cookie after a user authenticates, making the application vulnerable to session fixation.

May 26, 2022 19:34 Latest CVE
In Archibus Web Central before 26.2, multiple SQL Injection vulnerabilities occur in dwr/call/plaincall/workflow.runWorkflowRule.dwr. Through the injection of arbitrary SQL statements, a potential attacker can modify query syntax and perform unauthorized (and unexpected) operations against the remote database. This is fixed in all recent versions, such as version 26.2.

May 26, 2022 19:34 Latest CVE
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby scanning the aemobile component can crash the scanning engine. The exploit can be triggered remotely by an attacker.

May 26, 2022 19:34 Latest CVE
Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 contains a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets the cookie via the Set-Cookie header, allowing a malicious server to set cookies for unrelated domains. The cookie middleware is disabled by default, so most library consumers will not be affected by this issue. Only those who manually add the cookie middleware to the handler stack or construct the client with ['cookies' => true] are affected. Moreover, those who do not use the same Guzzle client to call multiple domains and have disabled redirect forwarding are not affected by this vulnerability. Guzzle versions 6.5.6 and 7.4.3 contain a patch for this issue. As a workaround, turn off the cookie middleware.

May 26, 2022 19:34 Latest CVE
XWiki Platform Flamingo Theme UI is a tool that allows customization and preview of any Flamingo-based skin. Starting with versions 6.2.4 and 6.3-rc-1, a possible cross-site scripting vector is present in the `FlamingoThemesCode.WebHomeSheet` wiki page related to the "newThemeName" form field. The issue is patched in versions 12.10.11, 14.0-rc-1, 13.4.7, and 13.10.3. The easiest available workaround is to edit the wiki page `FlamingoThemesCode.WebHomeSheet` (with wiki editor) according to the suggestion provided in the GitHub Security Advisory.

May 26, 2022 19:34 Latest CVE
XWiki Platform Wiki UI Main Wiki is a package for managing subwikis. Starting with version 5.3-milestone-2, XWiki Platform Wiki UI Main Wiki contains a possible cross-site scripting vector in the `WikiManager.JoinWiki` wiki page related to the "requestJoin" field. The issue is patched in versions 12.10.11, 14.0-rc-1, 13.4.7, and 13.10.3. The easiest available workaround is to edit the wiki page `WikiManager.JoinWiki` (with wiki editor) according to the suggestion provided in the GitHub Security Advisory.

May 26, 2022 19:34 Latest CVE
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting with version 8.3-rc-1 and prior to versions 12.10.3 and 14.0, one can ask for any file located in the classloader using the template API and a path with ".." in it. The issue is patched in versions 14.0 and 13.10.3. There is no easy workaround for this issue.

May 26, 2022 19:34 Latest CVE
sharp is an application for Node.js image processing. Prior to version 0.30.5, there is a possible vulnerability in logic that is run only at `npm install` time when installing versions of `sharp` prior to the latest v0.30.5. If an attacker has the ability to set the value of the `PKG_CONFIG_PATH` environment variable in a build environment then they might be able to use this to inject an arbitrary command at `npm install` time. This is not part of any runtime code, does not affect Windows users at all, and is unlikely to affect anyone that already cares about the security of their build environment. This problem is fixed in version 0.30.5.

May 26, 2022 19:34 Latest CVE
Nginx NJS v0.7.3 was discovered to contain a stack overflow in the function njs_default_module_loader at /src/njs/src/njs_module.c.

May 26, 2022 19:34 Latest CVE
Academy-LMS v4.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the SEO panel.

May 26, 2022 19:34 Latest CVE
TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console. This vulnerability allows attackers to connect to the UART port via a serial connection and execute commands as the root user without authentication.

May 26, 2022 19:34 Latest CVE
Persistent Cross-Site Scripting (XSS) vulnerability in Vsourz Digital's Advanced Contact form 7 DB plugin <= 1.8.7 at WordPress.

May 26, 2022 19:34 Latest CVE
Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the Search parameter at /online-food-order/food-search.php.

May 26, 2022 19:34 Latest CVE
An arbitrary file upload vulnerability in the Select Image function of Online Food Ordering System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.

May 26, 2022 19:34 Latest CVE
HashiCorp go-getter through 2.0.2 does not safely perform downloads (issue 1 of 3).

May 26, 2022 19:34 Latest CVE
HashiCorp go-getter through 2.0.2 does not safely perform downloads (issue 2 of 3).

May 26, 2022 19:34 Latest CVE
HashiCorp go-getter through 2.0.2 does not safely perform downloads (issue 3 of 3).

May 26, 2022 19:34 Latest CVE
In ginadmin through 05-10-2022 the incoming path value is not filtered, resulting in directory traversal.

May 26, 2022 19:34 Latest CVE
In ginadmin through 05-10-2022, the incoming path value is not filtered, resulting in arbitrary file reading.

May 26, 2022 19:34 Latest CVE
libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files.

May 26, 2022 19:34 Latest CVE
FriendsofFlarum (FoF) Upload is an extension that handles file uploads intelligently for your forum. If FoF Upload prior to version 1.2.3 is configured to allow the uploading of SVG files (`image/svg+xml`), navigating directly to an SVG file URI could execute arbitrary Javascript code decided by an attacker. This Javascript code could include the execution of HTTP web requests to Flarum, or any other web service. This could allow data to be leaked by an authenticated Flarum user, or, possibly, for data to be modified maliciously. This issue has been patched with v1.2.3, which now sanitizes uploaded SVG files. As a workaround, remove the ability for users to upload SVG files through FoF Upload.

May 26, 2022 19:34 Latest CVE
CVEProject/cve-services is an open source project used to operate the CVE services API. A conditional in `data.js` has potential for production secrets to be written to disk. The affected method writes the generated randomKey to disk if the environment is not development. If this method were called in production, it is possible that it would write the plaintext key to disk. A patch is not available as of time of publication but is anticipated as a "hot fix" for version 1.1.1 and for the 2.x branch.

May 26, 2022 19:34 Latest CVE
In libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan.

May 26, 2022 19:34 Latest CVE
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_xbstream.cc, when an error occurs (stream_ctxt->dest_file == NULL) while executing the method xbstream_open, the held lock is not released correctly, which allows local users to trigger a denial of service due to the deadlock.

May 26, 2022 19:34 Latest CVE
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pthread_create returns a nonzero value) while executing the method create_worker_threads, the held lock is not released correctly, which allows local users to trigger a denial of service due to the deadlock.

May 26, 2022 19:34 Latest CVE
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held lock thd->ctrl_mutex is not released correctly, which allows local users to trigger a denial of service due to the deadlock.

May 26, 2022 19:34 Latest CVE
MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock.

May 26, 2022 19:34 Latest CVE
In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a.

May 26, 2022 19:34 Latest CVE
In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a.

May 25, 2022 23:38 Latest CVE
A vulnerability was found in Telecommunication Software SAMwin Contact Center Suite 5.1. It has been rated as critical. Affected by this issue is the function getCurrentDBVersion in the library SAMwinLIBVB.dll of the credential handler. Authentication is possible with hard-coded credentials. Upgrading to version 6.2 is able to address this issue. It is recommended to upgrade the affected component.

May 25, 2022 23:38 Latest CVE
A vulnerability classified as critical has been found in Telecommunication Software SAMwin Contact Center Suite 5.1. This affects the function getCurrentDBVersion in the library SAMwinLIBVB.dll of the database handler. The manipulation leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 6.2 is able to address this issue. It is recommended to upgrade the affected component.

May 25, 2022 23:38 Latest CVE
A vulnerability classified as critical was found in Telecommunication Software SAMwin Contact Center Suite 5.1. This vulnerability affects the function passwordScramble in the library SAMwinLIBVB.dll of the component Password Handler. Incorrect implementation of a hashing function leads to predictable authentication possibilities. Upgrading to version 6.2 is able to address this issue. It is recommended to upgrade the affected component.

May 25, 2022 23:38 Latest CVE
A vulnerability classified as critical has been found in Cardo Systems Scala Rider Q3. Affected is the file /cardo/api of the Cardo-Updater. Unauthenticated remote code execution with root permissions is possible. Firewalling or disabling the service is recommended.
