• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

CVE漏洞

RSS
  • CVE-2021-30318
    CVE-2021-30318
    Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industria ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:10 | 回复:0
  • CVE-2021-30322
    CVE-2021-30322
    Possible out of bounds write due to improper validation of number of GPIOs configured in an internal parameters array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consum ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:11 | 回复:0
  • CVE-2021-30323
    CVE-2021-30323
    Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobil ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:12 | 回复:0
  • CVE-2021-30324
    CVE-2021-30324
    Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Sn ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:12 | 回复:0
  • CVE-2021-30325
    CVE-2021-30325
    Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snap ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:14 | 回复:0
  • CVE-2021-30326
    CVE-2021-30326
    Possible assertion due to improper size validation while processing the DownlinkPreemption IE in an RRC Reconfiguration/RRC Setup message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:16 | 回复:0
  • CVE-2021-35068
    CVE-2021-35068
    Lack of null check while freeing the device information buffer in the Bluetooth HFP protocol can lead to a NULL pointer dereference in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Sna ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:16 | 回复:0
  • CVE-2021-35069
    CVE-2021-35069
    Improper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industri ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:19 | 回复:0
  • CVE-2021-35074
    CVE-2021-35074
    Possible integer overflow due to improper fragment datatype while calculating number of fragments in a request message in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdrago ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:21 | 回复:0
  • CVE-2021-35075
    CVE-2021-35075
    Possible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:19 | 回复:0
  • CVE-2021-35077
    CVE-2021-35077
    Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Sna ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:18 | 回复:0
  • CVE-2021-44521
    CVE-2021-44521
    When running Apache Cassandra with the following configuration: enable_user_defined_functions: true enable_scripted_user_defined_functions: true enable_user_defined_functions_threads: false it is poss ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:22 | 回复:0
  • CVE-2021-46355
    CVE-2021-46355
    OCS Inventory 2.9.1 is affected by Cross Site Scripting (XSS). To exploit the vulnerability, the attacker needs to manipulate the name of some device on your computer, such as a printer, replacing the ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:23 | 回复:0
  • CVE-2022-0560
    CVE-2022-0560
    Open Redirect in Packagist microweber/microweber prior to 1.2.11.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:23 | 回复:0
  • CVE-2022-24112
    CVE-2022-24112
    An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:24 | 回复:0
  • CVE-2022-24289
    CVE-2022-24289
    Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne's optional Remote Object Persistence (ROP) feature is a web services-based technology that provi ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:27 | 回复:0
  • CVE-2021-38679
    CVE-2021-38679
    An improper authentication vulnerability has been reported to affect QNAP NAS running Kazoo Server. If exploited, this vulnerability allows attackers to compromise the security of the system. We have ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:33 | 回复:0
  • CVE-2021-45402
    CVE-2021-45402
    The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain poten ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:46 | 回复:0
  • CVE-2020-13668
    CVE-2020-13668
    Access Bypass vulnerability in Drupal Core allows for an attacker to leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupal Core 8. ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:31 | 回复:0
  • CVE-2020-13669
    CVE-2020-13669
    Cross-site Scripting (XSS) vulnerability in ckeditor of Drupal Core allows attacker to inject XSS. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10.; 8.9.x versions prior to 8.9.6; 9.0.x ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:28 | 回复:0
  • CVE-2020-13670
    CVE-2020-13670
    Information Disclosure vulnerability in file module of Drupal Core allows an attacker to gain access to the file metadata of a permanent private file that they do not have access to by guessing the ID ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:28 | 回复:0
  • CVE-2020-13672
    CVE-2020-13672
    Cross-site Scripting (XSS) vulnerability in Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. This issue affects: Drupal Core 9.1.x versions ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:25 | 回复:0
  • CVE-2020-13673
    CVE-2020-13673
    The Entity Embed module provides a filter to allow embedding entities in content fields. In certain circumstances, the filter could allow an unprivileged user to inject HTML into a page when it is acc ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:23 | 回复:0
  • CVE-2020-13674
    CVE-2020-13674
    The QuickEdit module does not properly validate access to routes, which could allow cross-site request forgery under some circumstances and lead to possible data integrity issues. Sites are only affec ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:23 | 回复:0
  • CVE-2020-13675
    CVE-2020-13675
    Drupal's JSON:API and REST/File modules allow file uploads through their HTTP APIs. The modules do not correctly run all file validation, which causes an access bypass vulnerability. An attacker m ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:22 | 回复:0
  • CVE-2020-13676
    CVE-2020-13676
    The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module (which comes ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:27 | 回复:0
  • CVE-2020-13677
    CVE-2020-13677
    Under some circumstances, the Drupal core JSON:API module does not properly restrict access to certain content, which may result in unintended access bypass. Sites that do not have the JSON:API module ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:23 | 回复:0
  • CVE-2020-36062
    CVE-2020-36062
    Dairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:25 | 回复:0
  • CVE-2021-42940
    CVE-2021-42940
    A Cross Site Scripting (XSS) vulnerability exists in Projeqtor 9.3.1 via /projeqtor/tool/saveAttachment.php, which allows an attacker to upload a SVG file containing malicious JavaScript code.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:28 | 回复:0
  • CVE-2021-45385
    CVE-2021-45385
    A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 (2021-12-06) in bmp_load(). When the size information in metadata of the bmp is out of range, it returns without assign memory buffer t ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:41 | 回复:0
  • CVE-2021-23597
    CVE-2021-23597
    This affects the package fastify-multipart before 5.3.1. By providing a name=constructor property it is still possible to crash the application. **Note:** This is a bypass of CVE-2020-8136 (https://se ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:51 | 回复:0
  • CVE-2021-45386
    CVE-2021-45386
    tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:35 | 回复:0
  • CVE-2021-45387
    CVE-2021-45387
    tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:37 | 回复:0
  • CVE-2020-14521
    CVE-2020-14521
    Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to obtain information, mo ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:38 | 回复:0
  • CVE-2020-14523
    CVE-2020-14523
    Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an attacker to execute arbitrary code.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:25 | 回复:0
  • CVE-2021-0524
    CVE-2021-0524
    In isServiceDistractionOptimized of CarPackageManagerService.java, there is a possible disclosure of installed packages due to side channel information disclosure. This could lead to local information ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:17 | 回复:0
  • CVE-2021-22748
    CVE-2021-22748
    A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:19 | 回复:0
  • CVE-2021-22785
    CVE-2021-22785
    A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to leak when an attacker sends a HTTP request to the web server o ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:18 | 回复:0
  • CVE-2021-22787
    CVE-2021-22787
    A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request to the web server of the device. Affec ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:21 | 回复:0
  • CVE-2021-22788
    CVE-2021-22788
    A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modico ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:22 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap