• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

CVE漏洞

RSS
  • CVE-2021-22796
    CVE-2021-22796
    A CWE-287: Improper Authentication vulnerability exists that could allow remote code execution when a malicious file is uploaded. Affected Product: C-Bus Toolkit (V1.15.9 and prior), C-Gate Server (V2 ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:17 | 回复:0
  • CVE-2021-22798
    CVE-2021-22798
    A CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause Sensitive data such as login credentials being exposed when a Network is sniffed. Affected Product: Conext? ComBox ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:14 | 回复:0
  • CVE-2021-22800
    CVE-2021-22800
    A CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a crafted packet is sent to the controller over network port 1105/TCP. Affected Product: Modicon M218 ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:17 | 回复:0
  • CVE-2021-22801
    CVE-2021-22801
    A CWE-269: Improper Privilege Management vulnerability exists that could cause an arbitrary command execution when the software is configured with specially crafted event actions. Affected Product: Co ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:15 | 回复:0
  • CVE-2021-22802
    CVE-2021-22802
    A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is r ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:14 | 回复:0
  • CVE-2021-22803
    CVE-2021-22803
    A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number of paths, when an attacker, writes arbitrary files to folders ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:12 | 回复:0
  • CVE-2021-22804
    CVE-2021-22804
    A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause disclosure of arbitrary files being read in the context of the user running IGSS, due to mis ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:12 | 回复:0
  • CVE-2021-22805
    CVE-2021-22805
    A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network m ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:9 | 回复:0
  • CVE-2021-22806
    CVE-2021-22806
    A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYnk ( ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2021-22823
    CVE-2021-22823
    A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of validation of network m ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2021-22824
    CVE-2021-22824
    A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in denial of service, due to missing length check on user-supplied data from a constructed message received ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2021-31932
    CVE-2021-31932
    Nokia BTS TRS web console FTM_W20_FP2_2019.08.16_0010 allows Authentication Bypass. A malicious unauthenticated user can get access to all the functionalities exposed via the web panel, circumventing ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2021-34235
    CVE-2021-34235
    Tokheim Profleet DiaLOG 11.005.02 is affected by SQL Injection. The component is the Field__UserLogin parameter on the logon page.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2021-39616
    CVE-2021-39616
    Summary:Product: AndroidVersions: Android SoCAndroid ID: A-204686438……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:9 | 回复:0
  • CVE-2021-39619
    CVE-2021-39619
    In updatePackageMappingsData of UsageStatsService.java, there is a possible way to bypass security and privacy settings of app usage due to an unusual root cause. This could lead to local escalation o ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:11 | 回复:0
  • CVE-2021-39631
    CVE-2021-39631
    In clear_data_dlg_text of strings.xml, there is a possible situation when Clear storage functionality sets up the wrong security/privacy expectations due to a misleading message. This could lead to lo ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2021-39635
    CVE-2021-39635
    ims_ex is a vendor system service used to manage VoLTE in unisoc devices?But it does not verify the caller's permissions?so that normal apps (No phone permissions) can obtain some VoLTE sensitive ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2021-39658
    CVE-2021-39658
    ismsEx service is a vendor service in unisoc equipment?ismsEx service is an extension of sms system service?but it does not check the permissions of the caller?resulting in permission leaks?Third-part ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2021-39662
    CVE-2021-39662
    In checkUriPermission of MediaProvider.java , there is a possible way to gain access to the content of media provider collections due to a missing permission check. This could lead to local escalation ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2021-39663
    CVE-2021-39663
    In openFileAndEnforcePathPermissionsHelper of MediaProvider.java, there is a possible bypass of a permissions check due to a confused deputy. This could lead to local escalation of privilege with User ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2021-39664
    CVE-2021-39664
    In LoadedPackage::Load of LoadedArsc.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure when parsing an APK file with no additio ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2021-39665
    CVE-2021-39665
    In checkSpsUpdated of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2021-39666
    CVE-2021-39666
    In extract of MediaMetricsItem.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges neede ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2021-39668
    CVE-2021-39668
    In onActivityViewReady of DetailDialog.kt, there is a possible Intent Redirect due to a confused deputy. This could lead to local escalation of privilege that allows actions performed as the System UI ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2021-39669
    CVE-2021-39669
    In onCreate of InstallCaCertificateWarning.java, there is a possible way to mislead an user about CA installation circumstances due to a tapjacking/overlay attack. This could lead to local escalation ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2021-39671
    CVE-2021-39671
    In code generated by aidl_const_expressions.cpp, there is a possible out of bounds read due to uninitialized data. This could lead to information disclosure with no additional execution privileges nee ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2021-39672
    CVE-2021-39672
    In fastboot, there is a possible secure boot bypass due to a configuration error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is n ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2021-39674
    CVE-2021-39674
    In btm_sec_connected and btm_sec_disconnected of btm_sec.cc file , there is a possible use after free. This could lead to local escalation of privilege with User execution privileges needed. User inte ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2021-39675
    CVE-2021-39675
    In GKI_getbuf of gki_buffer.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2021-39676
    CVE-2021-39676
    In writeThrowable of AndroidFuture.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no ad ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2021-39677
    CVE-2021-39677
    In startVideoStream() there is a possibility of an OOB Read in the heap, when the camera buffer is ‘zero’ in size.Product: AndroidVersions: Android-11Android ID: A-205097028……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2021-39687
    CVE-2021-39687
    In HandleTransactionIoEvent of actuator_driver.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution pr ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2021-39688
    CVE-2021-39688
    In TBD of TBD, there is a possible out of bounds read due to TBD. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exp ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2021-44111
    CVE-2021-44111
    A Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2021-4035
    CVE-2021-4035
    A stored cross site scripting have been identified at the comments in the report creation due to an obsolote version of tinymce editor. In order to exploit this vulnerability, the attackers needs an a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2021-4046
    CVE-2021-4046
    The m_txtNom y m_txtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XSS attacks. This vulnerability could be used to carry out a number of browser-based attacks including ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2022-0185
    CVE-2022-0185
    A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivile ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2022-0382
    CVE-2022-0382
    An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2022-0483
    CVE-2022-0483
    Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis VSS Doctor (Windows) before build 53……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2022-0561
    CVE-2022-0561
    Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF fi ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap