• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞CVE漏洞

CVE漏洞

RSS
  • CVE-2021-20249
    CVE-2021-20249
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:16 | 回复:0
  • CVE-2021-29059
    CVE-2021-29059
    A vulnerability was discovered in IS-SVG version 2.1.0 to 4.2.2 and below where a Regular Expression Denial of Service (ReDOS) occurs if the application is provided and checks a crafted invalid SVG st ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:26 | 回复:0
  • CVE-2021-29060
    CVE-2021-29060
    A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB strin ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:12 | 回复:0
  • CVE-2021-0478
    CVE-2021-0478
    In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an uncaught exception. This could lead to local escalation of privilege by running foreground services without ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:12 | 回复:0
  • CVE-2021-0504
    CVE-2021-0504
    In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional exe ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:21 | 回复:0
  • CVE-2021-0505
    CVE-2021-0505
    In the Settings app, there is a possible way to disable an always-on VPN due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges nee ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:18 | 回复:0
  • CVE-2021-0506
    CVE-2021-0506
    In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution pri ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:21 | 回复:0
  • CVE-2021-0507
    CVE-2021-0507
    In handle_rc_metamsg_cmd of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution priv ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:14 | 回复:0
  • CVE-2021-0508
    CVE-2021-0508
    In various functions of DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:7 | 回复:0
  • CVE-2021-0509
    CVE-2021-0509
    In various functions of CryptoPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. U ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:6 | 回复:0
  • CVE-2021-0510
    CVE-2021-0510
    In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:10 | 回复:0
  • CVE-2021-0511
    CVE-2021-0511
    In Dex2oat of dex2oat.cc, there is a possible way to inject bytecode into an app due to improper input validation. This could lead to local escalation of privilege with no additional execution privile ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:12 | 回复:0
  • CVE-2021-0512
    CVE-2021-0512
    In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional e ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:18 | 回复:0
  • CVE-2021-0513
    CVE-2021-0513
    In deleteNotificationChannel and related functions of NotificationManagerService.java, there is a possible permission bypass due to improper state validation. This could lead to local escalation of pr ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:14 | 回复:0
  • CVE-2021-0516
    CVE-2021-0516
    In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out of bounds read and write due to a use after free. This could lead to remote escalation of privilege with no additional execution privi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:24 | 回复:0
  • CVE-2021-0517
    CVE-2021-0517
    In updateCapabilities of ConnectivityService.java, there is a possible incorrect network state determination due to a logic error in the code. This could lead to biasing of networking tasks to occur o ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:29 | 回复:0
  • CVE-2021-0520
    CVE-2021-0520
    In several functions of MemoryFileSystem.cpp and related files, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional executio ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:13 | 回复:0
  • CVE-2021-0521
    CVE-2021-0521
    In getAllPackages of PackageManagerService, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of cross-user permissions with ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:14 | 回复:0
  • CVE-2021-0522
    CVE-2021-0522
    In ConnectionHandler::SdpCb of connection_handler.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution priv ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:20 | 回复:0
  • CVE-2021-0523
    CVE-2021-0523
    In onCreate of WifiScanModeActivity.java, there is a possible way to enable Wi-Fi scanning without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege wit ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:15 | 回复:0
  • CVE-2021-0525
    CVE-2021-0525
    In memory management driver, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User inte ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:10 | 回复:0
  • CVE-2021-0526
    CVE-2021-0526
    In memory management driver, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User in ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:8 | 回复:0
  • CVE-2021-0527
    CVE-2021-0527
    In memory management driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User intera ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:10 | 回复:0
  • CVE-2021-0528
    CVE-2021-0528
    In memory management driver, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:13 | 回复:0
  • CVE-2021-0529
    CVE-2021-0529
    In memory management driver, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User intera ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:6 | 回复:0
  • CVE-2021-0530
    CVE-2021-0530
    In memory management driver, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User in ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:14 | 回复:0
  • CVE-2021-0531
    CVE-2021-0531
    In memory management driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User intera ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:13 | 回复:0
  • CVE-2021-0532
    CVE-2021-0532
    In memory management driver, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User intera ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:10 | 回复:0
  • CVE-2021-0533
    CVE-2021-0533
    In memory management driver, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User intera ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:16 | 回复:0
  • CVE-2021-26461
    CVE-2021-26461
    Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resultin ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:18 | 回复:0
  • CVE-2020-19510
    CVE-2020-19510
    Textpattern 4.7.3 contains an aribtrary file load via the file_insert function in include/txp_file.php.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:14 | 回复:0
  • CVE-2020-19511
    CVE-2020-19511
    Cross Site Scriptiong vulnerability in Typesetter 5.1 via the !1) className and !2) Description fields in index.php/Admin/Classes,……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:13 | 回复:0
  • CVE-2021-21422
    CVE-2021-21422
    mongo-express is a web-based MongoDB admin interface, written with Node.js and express. 1: As mentioned in this issue: https://github.com/mongo-express/mongo-express/issues/577, when the content of a ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:12 | 回复:0
  • CVE-2021-32697
    CVE-2021-32697
    neos/forms is an open source framework to build web forms. By crafting a special `GET` request containing a valid form state, a form can be submitted without invoking any validators. Form state is sec ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:17 | 回复:0
  • CVE-2020-27511
    CVE-2020-27511
    An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 where an attacker can cause a Regular Expression Denial of Service (ReDOS) through stripping crafted HTML tags.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:6 | 回复:0
  • CVE-2021-24338
    CVE-2021-24338
    The Pods – Custom Content Types and Fields WordPress plugin before 2.7.27 was vulnerable to an Authenticated Stored Cross-Site Scripting (XSS) security vulnerability within the 'Singular Labe ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:9 | 回复:0
  • CVE-2021-24339
    CVE-2021-24339
    The Pods – Custom Content Types and Fields WordPress plugin before 2.7.27 was vulnerable to an Authenticated Stored Cross-Site Scripting (XSS) security vulnerability within the 'Menu Label&#3 ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:11 | 回复:0
  • CVE-2021-24361
    CVE-2021-24361
    In the Location Manager WordPress plugin before 2.1.0.10, the AJAX action gd_popular_location_list did not properly sanitise or validate some of its POST parameters, which are then used in a SQL state ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:12 | 回复:0
  • CVE-2021-24364
    CVE-2021-24364
    The Jannah WordPress theme before 5.4.4 did not properly sanitize the options JSON parameter in its tie_get_user_weather AJAX action before outputting it back in the page, leading to a Reflected Cross ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:14 | 回复:0
  • CVE-2021-24366
    CVE-2021-24366
    The Admin Columns Free WordPress plugin before 4.3 and Admin Columns Pro WordPress plugin before 5.5.1, rendered input on the posted pages with improper input validation on the value passed into the f ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:50 | 阅读:15 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap