CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-1788

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：21 | 回复：0
CVE-2021-1789

A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：18 | 回复：0
CVE-2021-1791

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：15 | 回复：0
CVE-2021-1792

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：17 | 回复：0
CVE-2021-22865

An improper access control vulnerability was identified in GitHub Enterprise Server that allowed access tokens generated from a GitHub App's web authentication flow to read private repository meta ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：17 | 回复：0
CVE-2020-11923

An issue was discovered in WiZ Colors A60 1.14.0. API credentials are locally logged.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：17 | 回复：0
CVE-2020-11924

An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials are stored in cleartext in flash memory, which presents an information-disclosure risk for a discarded or resold device.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：24 | 回复：0
CVE-2021-1753

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：15 | 回复：0
CVE-2021-1761

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadO ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：5 | 回复：0
CVE-2021-1790

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciou ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：8 | 回复：0
CVE-2021-1793

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadO ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：5 | 回复：0
CVE-2021-1794

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：14 | 回复：0
CVE-2021-1795

An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：10 | 回复：0
CVE-2021-1796

An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：5 | 回复：0
CVE-2021-1797

The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：6 | 回复：0
CVE-2021-1799

A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchO ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：5 | 回复：0
CVE-2021-1800

A path handling issue was addressed with improved validation. This issue is fixed in Xcode 12.4. A malicious application may be able to access arbitrary files on the host device while running an app t ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：12 | 回复：0
CVE-2021-1801

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：19 | 回复：0
CVE-2021-1802

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. A local attacker may be able ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：23 | 回复：0
CVE-2021-1803

The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.0.1. A local application may be able to enumerate the user's iCloud documents.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：16 | 回复：0
CVE-2021-1805

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.6 Security Update 2021- ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：26 | 回复：0
CVE-2021-1806

A race condition was addressed with additional validation. This issue is fixed in macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.6 Security Update 2021-002. An ap ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：21 | 回复：0
CVE-2021-1818

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 1 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：22 | 回复：0
CVE-2021-1844

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：14 | 回复：0
CVE-2021-1870

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remot ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：16 | 回复：0
CVE-2021-1871

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remot ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：26 | 回复：0
CVE-2021-1879

This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：21 | 回复：0
CVE-2021-27973

SQL injection exists in Piwigo before 11.4.0 via the language parameter to admin.php?page=languages.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：14 | 回复：0
CVE-2021-29660

A Cross-Site Request Forgery (CSRF) vulnerability in en/cfg_setpwd.html in Softing AG OPC Toolbox through 4.10.1.13035 allows attackers to reset the administrative password by inducing the Administrat ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：12 | 回复：0
CVE-2021-29661

Softing AG OPC Toolbox through 4.10.1.13035 allows /en/diag_values.html Stored XSS via the ITEMLISTVALUES##ITEMID parameter, resulting in JavaScript payload injection into the trace file. This payload ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：20 | 回复：0
CVE-2021-3374

Directory traversal in RStudio Shiny Server before 1.5.16 allows attackers to read the application source code, involving an encoded slash.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：24 | 回复：0
CVE-2020-21585

Vulnerability in emlog v6.0.0 allows user to upload webshells via zip plugin module.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：14 | 回复：0
CVE-2020-21588

Buffer overflow in Core FTP LE v2.2 allows local attackers to cause a denial or service (crash) via a long string in the Setup-Users-Username editbox.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：15 | 回复：0
CVE-2020-21590

Directory traversal in coreframe/app/template/admin/index.php in WUZHI CMS 4.1.0 allows attackers to list files in arbitrary directories via the dir parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：15 | 回复：0
CVE-2021-28940

Because of a incorrect escaped exec command in MagpieRSS in 0.72 in the /extlib/Snoopy.class.inc file, it is possible to add a extra command to the curl binary. This creates an issue on the /scripts/m ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：25 | 回复：0
CVE-2021-28941

Because of no validation on a curl command in MagpieRSS 0.72 in the /extlib/Snoopy.class.inc file, when you send a request to the /scripts/magpie_debug.php or /scripts/magpie_simple.php page, it's ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：13 | 回复：0
CVE-2021-30072

An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. Because strcat is misused, there is a stack-based buffer overflow that does not require authentication.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：11 | 回复：0
CVE-2021-30125

Jamf Pro before 10.28.0 allows XSS related to inventory history, aka PI-009376.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：15 | 回复：0
CVE-2021-30126

Lightmeter ControlCenter 1.1.0 through 1.5.x before 1.5.1 allows anyone who knows the URL of a publicly available Lightmeter instance to access application settings, possibly including an SMTP passwor ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：11 | 回复：0
CVE-2020-27600

HNAP1/control/SetMasterWLanSettings.php in D-Link D-Link Router DIR-846 DIR-846 A1_100.26 allows remote attackers to execute arbitrary commands via shell metacharacters in the ssid0 or ssid1 parameter ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:29 | 阅读：18 | 回复：0