CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-40031

There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：16 | 回复：0
CVE-2021-40032

The bone voice ID TA has a vulnerability in information management,Successful exploitation of this vulnerability may affect data confidentiality.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：15 | 回复：0
CVE-2021-40035

There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function s ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：12 | 回复：0
CVE-2021-40037

There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：13 | 回复：0
CVE-2021-40038

There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：17 | 回复：0
CVE-2021-40039

There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：20 | 回复：0
CVE-2021-40041

There is a Cross-Site Scripting(XSS) vulnerability in HUAWEI WS318n product when processing network settings. Due to insufficient validation of user input, a local authenticated attacker could exploit ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：18 | 回复：0
CVE-2021-42392

The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：19 | 回复：0
CVE-2021-42748

In Beaver Builder through 2.5.0.3, attackers can bypass the visibility controls protection mechanism via the REST API.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：22 | 回复：0
CVE-2021-42749

In Beaver Themer, attackers can bypass conditional logic controls (for hiding content) when viewing the post archives. Exploitation requires that a Themer layout is applied to the archives, and that t ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：19 | 回复：0
CVE-2021-43579

A stack-based buffer overflow in image_load_bmp() in HTMLDOC = 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：23 | 回复：0
CVE-2021-44024

A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwri ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：21 | 回复：0
CVE-2021-44528

A open redirect vulnerability exists in Action Pack = 6.0.0 that could allow an attacker to craft a X-Forwarded-Host headers in combination with certain allowed host formats can cause the Host Authori ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：27 | 回复：0
CVE-2021-45003

Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote code execution (RCE) vulnerability in profile.php through the image parameter that can execute a webshell ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：23 | 回复：0
CVE-2021-45231

A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to crea ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：23 | 回复：0
CVE-2021-45334

Sourcecodester Online Thesis Archiving System 1.0 is vulnerable to SQL Injection. An attacker can bypass admin authentication and gain access to admin panel using SQL Injection……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：24 | 回复：0
CVE-2021-45440

A unnecessary privilege vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security 10.0 SP1 (on-prem versions only) could allow a local attacker to abuse an impersonation privi ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：22 | 回复：0
CVE-2021-45441

A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a local attacker drop and manipulate a specially crafted file to issue commands over a certain pipe and e ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：33 | 回复：0
CVE-2021-45442

A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on prem only) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. This is ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：29 | 回复：0
CVE-2021-45856

Accu-Time Systems MAXIMUS 1.0 telnet service suffers from a remote buffer overflow which causes the telnet service to crash……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：33 | 回复：0
CVE-2021-46045

GPAC 1.0.1 is affected by: Abort failed. The impact is: cause a denial of service (context-dependent).……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：32 | 回复：0
CVE-2021-46046

A Pointer Derefernce Vulnerbility exists GPAC 1.0.1 the gf_isom_box_size function, which could cause a Denial of Service (context-dependent).……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：29 | 回复：0
CVE-2021-46047

A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_hinter_finalize function.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：39 | 回复：0
CVE-2021-46048

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::readFunctions.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：33 | 回复：0
CVE-2021-46049

A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_fileio_check function, which could cause a Denial of Service.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：50 | 回复：0
CVE-2021-46050

A Stack Overflow vulnerability exists in Binaryen 103 via the printf_common function.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：46 | 回复：0
CVE-2021-46051

A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the Media_IsSelfContained function, which could cause a Denial of Service. .……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：64 | 回复：0
CVE-2021-46052

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：202 | 回复：0
CVE-2021-46053

A Denial of Service vulnerability exists in Binaryen 103. The program terminates with signal SIGKILL.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：77 | 回复：0
CVE-2021-46054

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：56 | 回复：0
CVE-2021-46055

A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::WasmBinaryBuilder::visitRethrow(wasm::Rethrow*).……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：43 | 回复：0
CVE-2021-46058

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：41 | 回复：0
CVE-2021-46059

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：50 | 回复：0
CVE-2021-46060

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：43 | 回复：0
CVE-2021-46146

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. The WikibaseMediaInfo component is vulnerable to XSS via the caption fields for a given media file.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：42 | 回复：0
CVE-2021-46147

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. MassEditRegex allows CSRF.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：35 | 回复：0
CVE-2021-46148

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. Some unprivileged users can view confidential information (e.g., IP addresses and User-Agent headers ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：53 | 回复：0
CVE-2021-46149

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. A denial of service (resource consumption) can be accomplished by searching for a very long key in a ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：58 | 回复：0
CVE-2021-46150

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. Special:CheckUserLog allows CheckUser XSS because of date mishandling, as demonstrated by an XSS pay ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：130 | 回复：0
CVE-2021-46163

Kentico Xperience 13.0.44 allows XSS via an XML document to the Media Libraries subsystem.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:00 | 阅读：254 | 回复：0