CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-32021

A denial of service vulnerability in the message broker of BlackBerry Protect for Windows version(s) versions 1574 and earlier could allow an attacker to potentially execute code in the context of a B ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:32 | 阅读：7 | 回复：0
CVE-2021-32022

A low privileged delete vulnerability using CEF RPC server of BlackBerry Protect for Windows version(s) versions 1574 and earlier could allow an attacker to potentially execute code in the context of ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:32 | 阅读：5 | 回复：0
CVE-2021-32023

An elevation of privilege vulnerability in the message broker of BlackBerry Protect for Windows version(s) versions 1574 and earlier could allow an attacker to potentially execute code in the context ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:32 | 阅读：8 | 回复：0
CVE-2021-3572

A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:32 | 阅读：11 | 回复：0
CVE-2021-42111

An issue was discovered in the RCDevs OpenOTP app 1.4.13 and 1.4.14 for iOS. If it is installed on a jailbroken device, it is possible to retrieve the PIN code used to access the application. The IOS ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:32 | 阅读：11 | 回复：0
CVE-2020-23872

A NULL pointer dereference in the function TextPage::restoreState of pdf2xml v2.0 allows attackers to cause a denial of service (DoS).……

作者：菜鸟教程小白 | 时间：2022-2-5 12:32 | 阅读：17 | 回复：0
CVE-2020-23873

pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::dump.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:32 | 阅读：15 | 回复：0
CVE-2020-23874

pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::addAttributsNode.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:32 | 阅读：31 | 回复：0
CVE-2020-23876

pdf2xml v2.0 was discovered to contain a memory leak in the function TextPage::testLinkedText.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:32 | 阅读：30 | 回复：0
CVE-2020-23877

pdf2xml v2.0 was discovered to contain a stack buffer overflow in the component getObjectStream.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:32 | 阅读：6 | 回复：0
CVE-2020-23878

pdf2json v0.71 was discovered to contain a stack buffer overflow in the component XRef::fetch.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:32 | 阅读：14 | 回复：0
CVE-2021-3927

vim is vulnerable to Heap-based Buffer Overflow……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：20 | 回复：0
CVE-2021-3928

vim is vulnerable to Use of Uninitialized Variable……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：16 | 回复：0
CVE-2021-39413

Multiple Cross Site Scripting (XSS) vulnerabilities exits in SEO Panel v4.8.0 via the (1) to_time parameter in (a) backlinks.php, (b) analytics.php, (c) log.php, (d) overview.php, (e) pagespeed.php, ( ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：29 | 回复：0
CVE-2021-39416

Multiple Cross Site Scripting (XSS) vulnerabilities exists in Remote Clinic v2.0 in (1) patients/register-patient.php via the (a) Contact, (b) Email, (c) Weight, (d) Profession, (e) ref_contact, (f) a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：35 | 回复：0
CVE-2021-42543

The affected application uses specific functions that could be abused through a crafted project file, which could lead to code execution, system reboot, and system shutdown.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：20 | 回复：0
CVE-2021-42698

Project files are stored memory objects in the form of binary serialized data that can later be read and deserialized again to instantiate the original objects in memory. Malicious manipulation of the ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：26 | 回复：0
CVE-2021-42699

The affected product is vulnerable to cookie information being transmitted as cleartext over HTTP. An attacker can capture network traffic, obtain the user’s cookie and take over the account.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：40 | 回复：0
CVE-2021-42701

An attacker could prepare a specially crafted project file that, if opened, would attempt to connect to the cloud and trigger a man in the middle (MiTM) attack. This could allow an attacker to obtain ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：34 | 回复：0
CVE-2020-23565

Irfanview v4.53 allows attackers to execute arbitrary code via a crafted JPEG 2000 file. Related to a Data from Faulting Address controls Branch Selection starting at JPEG2000!ShowPlugInSaveOptions_W+ ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：25 | 回复：0
CVE-2020-23566

Irfanview v4.53 was discovered to contain an infinity loop via JPEG2000!ShowPlugInSaveOptions_W+0x1ecd8.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：9 | 回复：0
CVE-2020-23567

Irfanview v4.53 allows attackers to to cause a denial of service (DoS) via a crafted JPEG 2000 file. Related to Integer Divide By Zero starting at JPEG2000!ShowPlugInSaveOptions_W+0x00000000000082ea……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：12 | 回复：0
CVE-2021-29753

IBM Business Automation Workflow 18. 19, 20, 21, and IBM Business Process Manager 8.5 and d8.6 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to una ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：13 | 回复：0
CVE-2021-35368

OWASP ModSecurity Core Rule Set 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.2 is affected by a Request Body Bypass via a trailing pathname.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：15 | 回复：0
CVE-2021-42837

An issue was discovered in Talend Data Catalog before 7.3-20210930. After setting up SAML/OAuth, authentication is not correctly enforced on the native login page. Any valid user from the SAML/OAuth p ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：12 | 回复：0
CVE-2021-43404

An issue was discovered in FusionPBX before 4.5.30. The FAX file name may have risky characters.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：19 | 回复：0
CVE-2021-43405

An issue was discovered in FusionPBX before 4.5.30. The fax_extension may have risky characters (it is not constrained to be numeric).……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：23 | 回复：0
CVE-2021-43406

An issue was discovered in FusionPBX before 4.5.30. The fax_post_size may have risky characters (it is not constrained to preset values).……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：20 | 回复：0
CVE-2021-41195

TensorFlow is an open source platform for machine learning. In affected versions the implementation of `tf.math.segment_*` operations results in a `CHECK`-fail related abort (and denial of service) if ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：19 | 回复：0
CVE-2021-41196

TensorFlow is an open source platform for machine learning. In affected versions the Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative. This is due ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：27 | 回复：0
CVE-2021-41197

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow allows tensor to have a large number of dimensions and each dimension can be as large as desired. However, t ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：21 | 回复：0
CVE-2021-41198

TensorFlow is an open source platform for machine learning. In affected versions if `tf.tile` is called with a large input argument then the TensorFlow process will crash due to a `CHECK`-failure caus ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：35 | 回复：0
CVE-2021-41199

TensorFlow is an open source platform for machine learning. In affected versions if `tf.image.resize` is called with a large input argument then the TensorFlow process will crash due to a `CHECK`-fail ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：30 | 回复：0
CVE-2021-41200

TensorFlow is an open source platform for machine learning. In affected versions if `tf.summary.create_file_writer` is called with non-scalar arguments code crashes due to a `CHECK`-fail. The fix will ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：14 | 回复：0
CVE-2021-41201

TensorFlow is an open source platform for machine learning. In affeced versions during execution, `EinsumHelper::ParseEquation()` is supposed to set the flags in `input_has_ellipsis` vector and `*outp ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：10 | 回复：0
CVE-2021-41210

TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for `SparseCountSparseOutput` can trigger a read outside of bounds of heap allocated arra ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：22 | 回复：0
CVE-2021-3774

Meross Smart Wi-Fi 2 Way Wall Switch (MSS550X), on its 3.1.3 version and before, creates an open Wi-Fi Access Point without the required security measures in its initial setup. This could allow a remo ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：16 | 回复：0
CVE-2021-41203

TensorFlow is an open source platform for machine learning. In affected versions an attacker can trigger undefined behavior, integer overflows, segfaults and `CHECK`-fail crashes if they can change sa ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：13 | 回复：0
CVE-2021-41204

TensorFlow is an open source platform for machine learning. In affected versions during TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This r ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：22 | 回复：0
CVE-2021-41205

TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for the `QuantizeAndDequantizeV*` operations can trigger a read outside of bounds of heap ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:31 | 阅读：16 | 回复：0