CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-0428

In getSimSerialNumber of TelephonyManager.java, there is a possible way to read a trackable identifier due to a missing permission check. This could lead to local information disclosure with User exec ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：21 | 回复：0
CVE-2021-0429

In pollOnce of ALooper.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：16 | 回复：0
CVE-2021-0430

In rw_mfc_handle_read_op of rw_mfc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution via a malicious NFC packet with no additional exe ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：19 | 回复：0
CVE-2021-0431

In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional execution ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：24 | 回复：0
CVE-2021-0432

In ClearPullerCacheIfNecessary and ForceClearPullerCache of StatsPullerManager.cpp, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：16 | 回复：0
CVE-2021-0433

In onCreate of DeviceChooserActivity.java, there is a possible way to bypass user consent when pairing a Bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of pri ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：37 | 回复：0
CVE-2021-0435

In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges ne ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：11 | 回复：0
CVE-2021-0436

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds read due to integer overflow. This could lead to local information disclosure with no additional execution privileges ne ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：9 | 回复：0
CVE-2021-0437

In setPlayPolicy of DrmPlugin.cpp, there is a possible double free. This could lead to local escalation of privilege in a privileged process with no additional execution privileges needed. User intera ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：11 | 回复：0
CVE-2021-0438

In several functions of InputDispatcher.cpp, WindowManagerService.java, and related files, there is a possible tapjacking attack due to an incorrect FLAG_OBSCURED value. This could lead to local escal ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：16 | 回复：0
CVE-2021-0439

In setPowerModeWithHandle of com_android_server_power_PowerManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege w ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：17 | 回复：0
CVE-2021-0442

In updateInfo of android_hardware_input_InputApplicationHandle.cpp, there is a possible control of code flow due to a use after free. This could lead to local escalation of privilege with no additiona ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：16 | 回复：0
CVE-2021-0443

In several functions of ScreenshotHelper.java and related files, there is a possible incorrectly saved screenshot due to a race condition. This could lead to local information disclosure across user p ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：16 | 回复：0
CVE-2021-0444

In onActivityResult of QuickContactActivity.java, there is an unnecessary return of an intent. This could lead to local information disclosure of contact data with no additional execution privileges n ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：21 | 回复：0
CVE-2021-0445

In start of WelcomeActivity.java, there is a possible residual profile due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：20 | 回复：0
CVE-2021-0446

In ImportVCardActivity, there is a possible way to bypass user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：19 | 回复：0
CVE-2021-0468

In LK, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege for an attacker who has physical access to the device with no addi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：18 | 回复：0
CVE-2021-0471

In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. U ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：8 | 回复：0
CVE-2021-21482

SAP NetWeaver Master Data Management, versions - 710, 710.750, allows a malicious unauthorized user with access to the MDM Server subnet to find the password using a brute force method. If successful, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：16 | 回复：0
CVE-2021-21483

Under certain conditions SAP Solution Manager, version - 720, allows a high privileged attacker to get access to sensitive information which has a direct serious impact beyond the exploitable componen ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：21 | 回复：0
CVE-2021-21485

An unauthorized attacker may be able to entice an administrator to invoke telnet commands of an SAP NetWeaver Application Server for Java that allow the attacker to gain NTLM hashes of a privileged us ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：27 | 回复：0
CVE-2021-21492

SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate logon group in URLs, resulting in a content spoofing vulnerabil ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：10 | 回复：0
CVE-2021-21784

An out-of-bounds write vulnerability exists in the JPG format SOF marker processing of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provid ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：11 | 回复：0
CVE-2021-22716

A CWE-269: Improper Privilege Management vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when an unprivileged user modifies a file.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：6 | 回复：0
CVE-2021-22717

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：17 | 回复：0
CVE-2021-22718

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：6 | 回复：0
CVE-2021-22719

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：18 | 回复：0
CVE-2021-22720

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：11 | 回复：0
CVE-2021-23276

Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated SQL injection. A malicious user can send a specially crafted packet to exploit the vulnerability. Successful exploita ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：18 | 回复：0
CVE-2021-23277

Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated eval injection vulnerability. The software does not neutralize code syntax from users before using in the dynamic e ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：8 | 回复：0
CVE-2021-23278

Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file delete vulnerability induced due to improper input validation at server/maps_srv.js with action remove ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：7 | 回复：0
CVE-2021-23279

Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated arbitrary file delete vulnerability induced due to improper input validation in meta_driver_srv.js class with saveD ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：9 | 回复：0
CVE-2021-23280

Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file upload vulnerability. IPM’s maps_srv.js allows an attacker to upload a malicious NodeJS file using up ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：11 | 回复：0
CVE-2021-23281

Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated remote code execution vulnerability. IPM software does not sanitize the date provided via coverterCheckList action ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：7 | 回复：0
CVE-2021-27598

SAP NetWeaver AS JAVA (Customer Usage Provisioning Servlet), versions - 7.31, 7.40, 7.50, allows an attacker to read some statistical data like product version, traffic, timestamp etc. because of miss ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：5 | 回复：0
CVE-2021-27600

SAP Manufacturing Execution (System Rules), versions - 15.1, 15.2, 15.3, 15.4, allows an authorized attacker to embed malicious code into HTTP parameter and send it to the server because SAP Manufactu ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：9 | 回复：0
CVE-2021-27601

SAP NetWeaver AS Java (Applications based on HTMLB for Java) allows a basic-level authorized attacker to store a malicious file on the server. When a victim tries to open this file, it results in a Cr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：22 | 回复：0
CVE-2021-27602

SAP Commerce, versions - 1808, 1811, 1905, 2005, 2011, Backoffice application allows certain authorized users to create source rules which are translated to drools rule when published to certain modul ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：11 | 回复：0
CVE-2021-27603

An RFC enabled function module SPI_WAIT_MILLIS in SAP NetWeaver AS ABAP, versions - 731, 740, 750, allows to keep a work process busy for any length of time. An attacker could call this function modul ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:32 | 阅读：21 | 回复：0
CVE-2020-11255

Denial of service while processing RTCP packets containing multiple SDES reports due to memory for last SDES packet is freed and rest of the memory is leaked in Snapdragon Auto, Snapdragon Compute, Sn ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:31 | 阅读：9 | 回复：0