TON 安全漏洞

TON is a blockchain software developed under open source. Versions of TON prior to v2024.09 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of external parameters, which could allow attackers to exploit the system through specially crafted Continuation...

CVE-2021-22397

There is a privilege escalation vulnerability in Huawei ManageOne 8.0.0. External parameters of some files are lack of verification when they are be called. Attackers can exploit this vulnerability by performing these files to cause privilege escalation attack. This can compromise normal service...

SUSE CVE-2022-39327

Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40.0, Azure CLI contains a vulnerability for potential code injection. Critical scenarios are where a hosting machine runs an Azure CLI command where parameter values have been provided by an external source. T...

CVE-2021-22397

There is a privilege escalation vulnerability in Huawei ManageOne 8.0.0. External parameters of some files are lack of verification when they are be called. Attackers can exploit this vulnerability by performing these files to cause privilege escalation attack. This can compromise normal service...

Privilege escalation

There is a privilege escalation vulnerability in Huawei ManageOne 8.0.0. External parameters of some files are lack of verification when they are be called. Attackers can exploit this vulnerability by performing these files to cause privilege escalation attack. This can compromise normal service...

Huawei Manageone 输入验证错误漏洞

Huawei Manageone is a cloud data center management solution from Huawei of China. huawei ManageOne is vulnerable due to a lack of checksum when the program uses certain parameters from external files. An attacker could use the vulnerability to construct a malicious file to achieve elevation of...

Wind River Systems VxWorks Parameter Injection Vulnerability (CNVD-2019-25707)

Wind River Systems VxWorks is an embedded real-time operating system RTOS from Wind River Systems. A parameter injection vulnerability exists in Wind River Systems VxWorks. The vulnerability arises from a network system or product that does not properly filter special characters in parameters...

j2ee external parameters of the reference implementation, The steering functions caused by the security Directory Access bypass security issue-vulnerability warning-the black bar safety net

j2ee external parameter references a URL for steering forward function to cause the security Directory Access bypass security issues with! //Recently issued a vulnerability, let me produce one doubts. Today just to achieve a bit of URL jump, find the problem cause is actually very simple. First...