查看最近更新的CVE列表 (113253)

CVE-2017-9966(发布:2018-01-01 22:29:00)NM
CVSS7.1

[原文]An Improper Access Control issue was discovered in Schneider Electric Pelco VideoXpert Enterprise all versions prior to 2.1. By replacing certain files, an authorized user can obtain system privileges and the inserted code would execute at an elevated privilege level.

CVE-2017-9965(发布:2018-01-01 22:29:00)NM
CVSS5.0

[原文]A Path Traversal issue was discovered in Schneider Electric Pelco VideoXpert Enterprise all versions prior to 2.1. Using a directory traversal attack, an unauthorized person can view web server files.

CVE-2018-5711(发布:2018-01-16 00:00:00)M
CVSSN/A

[原文]gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx.

CVE-2018-5712(发布:2018-01-16 00:00:00)M
CVSSN/A

[原文]An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.

CVE-2018-5703(发布:2018-01-16 00:00:00)M
CVSSN/A

[原文]The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via vectors involving TLS.

CVE-2018-5704(发布:2018-01-16 00:00:00)M
CVSSN/A

[原文]Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site.

首页上一页12345678下一页尾页 第3页 / 共18876页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站