CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-26324

A bug with the SEV-ES TMR may lead to a potential loss of memory integrity for SNP-active VMs.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：66 | 回复：0
CVE-2021-26332

Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could result in a potential loss of integrity or availability.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：35 | 回复：0
CVE-2021-26352

Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plug table may result in access/updates from/to invalid address space that could result in denial of service.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：34 | 回复：0
CVE-2021-26353

Due to a mishandled error, it is possible to leave the DRTM UApp in a partially initialized state, which can result in unchecked memory writes when the UApp handles subsequent mailbox commands.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：34 | 回复：0
CVE-2021-26370

Improper validation of destination address in SVC_LOAD_FW_IMAGE_BY_INSTANCE and SVC_LOAD_BINARY_BY_ATTRIB in a malicious UApp or ABL may allow an attacker to overwrite arbitrary bootloader memory with ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：30 | 回复：0
CVE-2021-26390

A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：34 | 回复：0
CVE-2021-26408

Insufficient validation of elliptic curve points in SEV-legacy firmware may compromise SEV-legacy guest migration potentially resulting in loss of guest's integrity or confidentiality.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：21 | 回复：0
CVE-2021-43010

In Safedog Apache v4.0.30255, attackers can bypass this product for SQL injection. Attackers can bypass access to sensitive data.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：22 | 回复：0
CVE-2021-46771

Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：17 | 回复：0
CVE-2022-0947

A vulnerability in ABB ARG600 Wireless Gateway series that could allow an attacker to exploit the vulnerability by remotely connecting to the serial port gateway, and/or protocol converter, depending ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：23 | 回复：0
CVE-2022-23676

A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：21 | 回复：0
CVE-2022-23677

A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：23 | 回复：0
CVE-2022-28986

LMS Doctor Simple 2 Factor Authentication Plugin For Moodle Affected: 2021072900 has an Insecure direct object references (IDOR) vulnerability, which allows remote attackers to update sensitive record ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：24 | 回复：0
CVE-2021-39670

In setStream of WallpaperManager.java, there is a possible way to cause a permanent DoS due to improper input validation. This could lead to local denial of service with User execution privileges need ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：26 | 回复：0
CVE-2021-39700

In the policies of adbd.te, there was a logic error which caused the CTS Listening Ports Test to report invalid results. This could lead to local information disclosure with no additional execution pr ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：30 | 回复：0
CVE-2022-1209

The Ultimate Member plugin for WordPress is vulnerable to open redirects due to insufficient validation on supplied URLs in the social fields of the Profile Page, which makes it possible for attackers ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：30 | 回复：0
CVE-2022-1442

The Metform WordPress plugin is vulnerable to sensitive information disclosure due to improper access control in the ~/core/forms/action.php file which can be exploited by an unauthenticated attacker ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：35 | 回复：0
CVE-2022-1453

The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-util.php ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：40 | 回复：0
CVE-2022-1463

The Booking Calendar plugin for WordPress is vulnerable to PHP Object Injection via the shortcode in versions up to, and including, 9.1. This could be exploited by subscriber-level users and above to ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：59 | 回复：0
CVE-2022-1476

The All-in-One WP Migration plugin for WordPress is vulnerable to arbitrary file deletion via directory traversal due to insufficient file validation via the ~/lib/model/class-ai1wm-backups.php file, ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：69 | 回复：0
CVE-2022-1505

The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-api-endp ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：82 | 回复：0
CVE-2022-1567

The WP-JS plugin for WordPress contains a script called wp-js.php with the function wp_js_admin, that accepts unvalidated user input and echoes it back to the user. This can be used for reflected Cros ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：142 | 回复：0
CVE-2022-20004

In checkSlicePermission of SliceManagerService.java, it is possible to access any slice URI due to improper input validation. This could lead to local escalation of privilege with no additional execut ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：389 | 回复：0
CVE-2022-20005

In validateApkInstallLocked of PackageInstallerSession.java, there is a way to force a mismatch between running code and a parsed APK . This could lead to local escalation of privilege with User execu ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：146 | 回复：0
CVE-2022-20006

In several functions of KeyguardServiceWrapper.java and related files,, there is a possible way to briefly view what's under the lockscreen due to a race condition. This could lead to local escala ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：70 | 回复：0
CVE-2022-20007

In startActivityForAttachedApplicationIfNeeded of RootWindowContainer.java, there is a possible way to overlay an app that believes it's still in the foreground, when it is not, due to a race cond ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：56 | 回复：0
CVE-2022-20008

In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that trigger ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：42 | 回复：0
CVE-2022-20009

In various functions of the USB gadget subsystem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution p ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：36 | 回复：0
CVE-2022-20010

In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure through Bluetooth with no additional ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：33 | 回复：0
CVE-2022-20011

In getArray of NotificationManagerService.java , there is a possible leak of one user notifications to another due to missing check. This could lead to local information disclosure with no additional ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：28 | 回复：0
CVE-2022-20112

In getAvailabilityStatus of PrivateDnsPreferenceController.java, there is a possible way for a guest user to change private DNS settings due to a permissions bypass. This could lead to local escalatio ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：25 | 回复：0
CVE-2022-20113

In mPreference of DefaultUsbConfigurationPreferenceController.java, there is a possible way to enable file transfer mode due to a logic error in the code. This could lead to local escalation of privil ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：26 | 回复：0
CVE-2022-20114

In placeCall of TelecomManager.java, there is a possible way for an application to keep itself running with foreground service importance due to a permissions bypass. This could lead to local escalati ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：48 | 回复：0
CVE-2022-20115

In broadcastServiceStateChanged of TelephonyRegistry.java, there is a possible way to learn base station information without location permission due to a missing permission check. This could lead to l ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：38 | 回复：0
CVE-2022-20116

In onEntryUpdated of OngoingCallController.kt, it is possible to launch non-exported activities due to intent redirection. This could lead to local escalation of privilege with User execution privileg ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：45 | 回复：0
CVE-2022-27167

Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit Repair and Uninstall features what may lead to arbitrary file deletion. This issue affects: ESET ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：59 | 回复：0
CVE-2022-29391

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：51 | 回复：0
CVE-2022-29392

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：103 | 回复：0
CVE-2022-29393

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：298 | 回复：0
CVE-2022-29394

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:34 | 阅读：121 | 回复：0