• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

CVE漏洞

RSS
  • CVE-2022-0562
    CVE-2022-0562
    Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2022-22291
    CVE-2022-22291
    Logging of excessive data vulnerability in telephony prior to SMR Feb-2022 Release 1 allows privileged attackers to get Cell Location Information through log of user device.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2022-22292
    CVE-2022-22292
    Unprotected dynamic receiver in Telecom prior to SMR Feb-2022 Release 1 allows untrusted applications to launch arbitrary activity.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:9 | 回复:0
  • CVE-2022-23425
    CVE-2022-23425
    Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:9 | 回复:0
  • CVE-2022-23426
    CVE-2022-23426
    A vulnerability using PendingIntent in DeX Home and DeX for PC prior to SMR Feb-2022 Release 1 allows attackers to access files with system privilege.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:9 | 回复:0
  • CVE-2022-23427
    CVE-2022-23427
    PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2022-23428
    CVE-2022-23428
    An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:10 | 回复:0
  • CVE-2022-23429
    CVE-2022-23429
    An improper boundary check in audio hal service prior to SMR Feb-2022 Release 1 allows attackers to read invalid memory and it leads to application crash.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:10 | 回复:0
  • CVE-2022-23431
    CVE-2022-23431
    An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:10 | 回复:0
  • CVE-2022-23432
    CVE-2022-23432
    An improper input validation in SMC_SRPMB_WSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:10 | 回复:0
  • CVE-2022-23433
    CVE-2022-23433
    Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08.6000 in Andoid Q(10) allows attackers to register reminders ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:10 | 回复:0
  • CVE-2022-23434
    CVE-2022-23434
    A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S(12), 3.7.50.6 in Andorid R(11) and below allows attackers to execute privileged action by hijacking and modi ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:9 | 回复:0
  • CVE-2022-23707
    CVE-2022-23707
    An XSS vulnerability was found in Kibana index patterns. Using this vulnerability, an authenticated user with permissions to create index patterns can inject malicious javascript into the index patter ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:9 | 回复:0
  • CVE-2022-23853
    CVE-2022-23853
    The LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. If this binary ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:13 | 回复:0
  • CVE-2022-23994
    CVE-2022-23994
    An Improper access control vulnerability in StBedtimeModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to change bedtime mode without a proper permiss ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:14 | 回复:0
  • CVE-2022-23995
    CVE-2022-23995
    Unprotected component vulnerability in StBedtimeModeAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to change bedtime mode without a proper permiss ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:27 | 回复:0
  • CVE-2022-23996
    CVE-2022-23996
    Unprotected component vulnerability in StTheaterModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to enable bedtime mode without a proper permission.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:30 | 回复:0
  • CVE-2022-23997
    CVE-2022-23997
    Unprotected component vulnerability in StTheaterModeDurationAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to disable theater mode without a prope ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:27 | 回复:0
  • CVE-2022-23998
    CVE-2022-23998
    Improper access control vulnerability in Camera prior to versions 11.1.02.16 in Android R(11), 10.5.03.77 in Android Q(10) and 9.0.6.68 in Android P(9) allows untrusted applications to take a picture ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:20 | 回复:0
  • CVE-2022-23999
    CVE-2022-23999
    PendingIntent hijacking vulnerability in CpaReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:11 | 回复:0
  • CVE-2022-24000
    CVE-2022-24000
    PendingIntent hijacking vulnerability in DataUsageReminderReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via impl ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:9 | 回复:0
  • CVE-2022-24001
    CVE-2022-24001
    Information disclosure vulnerability in Edge Panel prior to Android S(12) allows physical attackers to access screenshot in clipboard via Edge Panel.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2022-24002
    CVE-2022-24002
    Improper Authorization vulnerability in Link Sharing prior to version 12.4.00.3 allows attackers to open protected activity via PreconditionActivity.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:9 | 回复:0
  • CVE-2022-24003
    CVE-2022-24003
    Exposure of Sensitive Information vulnerability in Bixby Vision prior to version 3.7.50.6 allows attackers to access internal data of Bixby Vision via unprotected intent.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:9 | 回复:0
  • CVE-2022-24923
    CVE-2022-24923
    Improper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China models allows untrusted applications to load arbitrary URL and local files in webview.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:7 | 回复:0
  • CVE-2022-24924
    CVE-2022-24924
    An improper access control in LiveWallpaperService prior to versions 3.0.9.0 allows to create a specific named system directory without a proper permission.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2022-24925
    CVE-2022-24925
    Improper input validation vulnerability in SettingsProvider prior to Android S(12) allows privileged attackers to trigger a permanent denial of service attack on a victim's devices.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:8 | 回复:0
  • CVE-2022-24926
    CVE-2022-24926
    Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.15-6 allows privileged attackers to trigger a XSS on a victim's devices.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:10 | 回复:0
  • CVE-2022-24927
    CVE-2022-24927
    Improper privilege management vulnerability in Samsung Video Player prior to version 7.3.15.30 allows attackers to execute video files without permission.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:11 | 回复:0
  • CVE-2020-26728
    CVE-2020-26728
    A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in the guestuser field to t ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:11 | 回复:0
  • CVE-2022-22766
    CVE-2022-22766
    Hardcoded credentials are used in specific BD Pyxis products. If exploited, threat actors may be able to gain access to the underlying file system and could potentially exploit application files for i ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:13 | 回复:0
  • CVE-2021-20001
    CVE-2021-20001
    It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares (~/public_html), which cou ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:13 | 回复:0
  • CVE-2021-23555
    CVE-2021-23555
    The package vm2 before 3.9.6 are vulnerable to Sandbox Bypass via direct access to host error objects generated by node internals during generation of a stacktraces, which can lead to execution of arb ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:13 | 回复:0
  • CVE-2022-24975
    CVE-2022-24975
    The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted content, aka the GitBleed issue. This could present a security risk if information-disclosure auditing pr ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:13 | 回复:0
  • CVE-2021-46361
    CVE-2021-46361
    An issue in the Freemark Filter of Magnolia CMS v6.2.11 and below allows attackers to bypass security restrictions and execute arbitrary code via a crafted FreeMarker payload.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:22 | 回复:0
  • CVE-2021-46362
    CVE-2021-46362
    A Server-Side Template Injection (SSTI) vulnerability in the Registration and Forgotten Password forms of Magnolia v6.2.3 and below allows attackers to execute arbitrary code via a crafted payload ent ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:35 | 回复:0
  • CVE-2021-46363
    CVE-2021-46363
    An issue in the Export function of Magnolia v6.2.3 and below allows attackers to perform Formula Injection attacks via crafted CSV/XLS files. These formulas may result in arbitrary code execution on a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:44 | 回复:0
  • CVE-2021-46364
    CVE-2021-46364
    A vulnerability in the Snake YAML parser of Magnolia CMS v6.2.3 and below allows attackers to execute arbitrary code via a crafted YAML file.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:28 | 回复:0
  • CVE-2021-46365
    CVE-2021-46365
    An issue in the Export function of Magnolia v6.2.3 and below allows attackers to execute XML External Entity attacks via a crafted XLF file.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:41 | 回复:0
  • CVE-2021-46366
    CVE-2021-46366
    An issue in the Login page of Magnolia CMS v6.2.3 and below allows attackers to exploit both an Open Redirect vulnerability and Cross-Site Request Forgery (CSRF) in order to brute force and exfiltrate ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:29 | 阅读:34 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap