CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-37002

There is a Memory out-of-bounds access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：57 | 回复：0
CVE-2018-14640

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：51 | 回复：0
CVE-2018-1105

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：54 | 回复：0
CVE-2021-37254

In M-Files Web product with versions before 20.10.9524.1 and 20.10.9445.0, a remote attacker could use a flaw to obtain unauthenticated access to 3rd party component license key information on server.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：52 | 回复：0
CVE-2021-3576

Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Impersonation enables the ser ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：49 | 回复：0
CVE-2021-3579

Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local att ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：56 | 回复：0
CVE-2021-3823

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary co ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：51 | 回复：0
CVE-2020-22312

A cross-site scripting (XSS) vulnerability was discovered in the OJ/admin-tool /cal_scores.php function of HZNUOJ v1.0.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：78 | 回复：0
CVE-2021-41728

Cross Site Scripting (XSS) vulnerability exists in Sourcecodester News247 CMS 1.0 via the search function in articles.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：55 | 回复：0
CVE-2020-7875

DEXT5 Upload 5.0.0.117 and earlier versions contain a vulnerability, which could allow remote attacker to download and execute remote file by setting the argument, variable in the activeX module. This ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：69 | 回复：0
CVE-2021-22044

In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level `@RequestMapping`annotations over Feign client interfaces, can b ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：59 | 回复：0
CVE-2021-22047

In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-leve ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：39 | 回复：0
CVE-2021-22096

In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：45 | 回复：0
CVE-2021-22097

In Spring AMQP versions 2.2.0 - 2.2.18 and 2.3.0 - 2.3.10, the Spring AMQP Message object, in its toString() method, will deserialize a body for a message with content type application/x-java-serializ ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：48 | 回复：0
CVE-2021-3745

flatcore-cms is vulnerable to Unrestricted Upload of File with Dangerous Type……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：52 | 回复：0
CVE-2020-10005

A resource exhaustion issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1. An attacker in a privileged network position may be able to perform denial of ser ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：44 | 回复：0
CVE-2020-25422

A cross site scripting (XSS) vulnerability in menuedit.php of Mara CMS 7.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：43 | 回复：0
CVE-2020-29629

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to read restricted memory.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：57 | 回复：0
CVE-2020-9897

An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Big Sur 11.0.1. Processing a maliciously crafted PDF may lead to arbitrary c ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：48 | 回复：0
CVE-2021-1821

A logic issue was addressed with improved state management. This issue is fixed in watchOS 7.6, macOS Big Sur 11.5. Visiting a maliciously crafted webpage may lead to a system denial of service.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：37 | 回复：0
CVE-2021-30808

This issue was addressed with improved checks. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A malicious application may be able to modify protected parts of the file system.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：38 | 回复：0
CVE-2021-30809

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：50 | 回复：0
CVE-2021-30813

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.0.1. A person with access to a host Mac may be able to bypass the Login Window in Remote Desktop for a locked in ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：54 | 回复：0
CVE-2021-30814

A memory corruption issue was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted image may lead to arbitrary co ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：54 | 回复：0
CVE-2021-30816

The issue was addressed with improved permissions logic. This issue is fixed in iOS 15 and iPadOS 15. An attacker with physical access to a device may be able to see private contact information.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：48 | 回复：0
CVE-2021-30817

A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.5. A malicious application may be able to access data about the accounts the user is using Family Sh ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：48 | 回复：0
CVE-2021-30818

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：57 | 回复：0
CVE-2021-30821

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application ma ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：60 | 回复：0
CVE-2021-30823

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network posit ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：66 | 回复：0
CVE-2021-30824

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application m ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：59 | 回复：0
CVE-2021-30831

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted font may result in the disclosure ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：54 | 回复：0
CVE-2021-30833

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.0.1. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：44 | 回复：0
CVE-2021-30834

A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, Security Update 2021-007 Catalina. Processing a m ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：60 | 回复：0
CVE-2021-30836

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio fi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：51 | 回复：0
CVE-2021-30840

This issue was addressed with improved checks. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted dfont file may lead to arbitrary code execution.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：60 | 回复：0
CVE-2021-36547

A remote code execution (RCE) vulnerability in the component /codebase/dir.php?type=filenew of Mara v7.5 allows attackers to execute arbitrary commands via a crafted PHP file.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：43 | 回复：0
CVE-2021-36548

A remote code execution (RCE) vulnerability in the component /admin/index.php?id=themesaction=edit_templatefilename=blog of Monstra v3.0.4 allows attackers to execute arbitrary commands via a crafted ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：46 | 回复：0
CVE-2021-36550

TikiWiki v21.4 was discovered to contain a cross-site scripting (XSS) vulnerability in the component tiki-browse_categories.php. This vulnerability allows attackers to execute arbitrary web scripts or ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：45 | 回复：0
CVE-2021-36551

TikiWiki v21.4 was discovered to contain a cross-site scripting (XSS) vulnerability in the component tiki-calendar.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：49 | 回复：0
CVE-2021-41194

FirstUseAuthenticator is a JupyterHub authenticator that helps new users set their password on their first login to JupyterHub. When JupyterHub is used with FirstUseAuthenticator, a vulnerability in v ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:17 | 阅读：47 | 回复：0