CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-34755

Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more informati ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：27 | 回复：0
CVE-2021-34756

Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more informati ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：37 | 回复：0
CVE-2021-34761

A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The att ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：31 | 回复：0
CVE-2021-34762

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an af ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：32 | 回复：0
CVE-2021-34763

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open red ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：42 | 回复：0
CVE-2021-34764

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open red ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：39 | 回复：0
CVE-2021-34781

A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial o ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：36 | 回复：0
CVE-2021-34783

A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote att ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：44 | 回复：0
CVE-2021-34787

A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unaut ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：39 | 回复：0
CVE-2021-34790

Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：38 | 回复：0
CVE-2021-34791

Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：52 | 回复：0
CVE-2021-34792

A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a deni ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：56 | 回复：0
CVE-2021-34793

A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remo ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：43 | 回复：0
CVE-2021-34794

A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) S ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：38 | 回复：0
CVE-2021-40114

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service ( ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：43 | 回复：0
CVE-2021-40116

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulne ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：35 | 回复：0
CVE-2021-40117

A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cau ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：36 | 回复：0
CVE-2021-40118

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to t ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：44 | 回复：0
CVE-2021-40125

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authe ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：36 | 回复：0
CVE-2020-21250

CSZ CMS v1.2.4 was discovered to contain an arbitrary file upload vulnerability in the component /core/MY_Security.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：36 | 回复：0
CVE-2021-1115

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs, where an attacker with local unprivileged system access may cause a N ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：57 | 回复：0
CVE-2021-1116

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a NULL pointer dereference in the kernel, created within user mode code, may lead to a den ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：68 | 回复：0
CVE-2021-1117

Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an attacker through specific configuration and with local unprivileged system access may cause ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：66 | 回复：0
CVE-2021-25219

In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.18 of the BIND 9.1 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：49 | 回复：0
CVE-2021-3901

firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：38 | 回复：0
CVE-2021-3903

vim is vulnerable to Heap-based Buffer Overflow……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：48 | 回复：0
CVE-2021-41191

Roblox-Purchasing-Hub is an open source Roblox product purchasing hub. A security risk in versions 1.0.1 and prior allowed people who have someone's API URL to get product files without an API key ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：38 | 回复：0
CVE-2021-3904

grav is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：27 | 回复：0
CVE-2021-3906

bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：29 | 回复：0
CVE-2021-43056

An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmha ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：59 | 回复：0
CVE-2021-43057

An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for PTRACE_TRACEME) could be used by local attackers to cause memory corr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：65 | 回复：0
CVE-2019-19810

Zoom Call Recording 6.3.1 from Eleveo is vulnerable to Java Deserialization attacks targeting the inbuilt RMI service. A remote unauthenticated attacker can exploit this vulnerability by sending craft ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：74 | 回复：0
CVE-2021-37748

Multiple buffer overflows in the limited configuration shell (/sbin/gs_config) on Grandstream HT801 devices before 1.0.29 allow remote authenticated users to execute arbitrary code as root via a craft ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：54 | 回复：0
CVE-2021-37915

An issue was discovered on the Grandstream HT801 Analog Telephone Adaptor before 1.0.29.8. From the limited configuration shell, it is possible to set the malicious gdb_debug_server variable. As a res ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：55 | 回复：0
CVE-2021-22278

A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted software packages to be installed on computer which has PCM600 installed.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：46 | 回复：0
CVE-2021-22401

There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability can affect service integrity.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：39 | 回复：0
CVE-2021-22402

There is a DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS attacks.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：28 | 回复：0
CVE-2021-22403

There is a vulnerability of hijacking unverified providers in Huawei Smartphone.Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：64 | 回复：0
CVE-2021-22404

There is a Directory traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：42 | 回复：0
CVE-2021-22405

There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:16 | 阅读：66 | 回复：0