CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-1434

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system. This vulnerability is due to insuffi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：29 | 回复：0
CVE-2021-1435

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that can be executed as the root user. This vulnerability is due to in ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：27 | 回复：0
CVE-2021-1436

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected syste ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：19 | 回复：0
CVE-2021-1437

A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, remote attacker to obtain confidential information from an affected de ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：23 | 回复：0
CVE-2021-1439

A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) conditio ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：22 | 回复：0
CVE-2021-1441

A vulnerability in the hardware initialization routines of Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers and Cisco ESR6300 Embedded Series Routers could allow an a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：30 | 回复：0
CVE-2021-1442

A vulnerability in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to the level of an Administrat ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：36 | 回复：0
CVE-2021-1443

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying operating system of an affected de ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：12 | 回复：0
CVE-2021-1446

A vulnerability in the DNS application layer gateway (ALG) functionality used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：20 | 回复：0
CVE-2021-1449

A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：17 | 回复：0
CVE-2021-1451

A vulnerability in the Easy Virtual Switching System (VSS) feature of Cisco IOS XE Software for Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthentic ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：22 | 回复：0
CVE-2021-1452

A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco E ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：20 | 回复：0
CVE-2021-1453

A vulnerability in the software image verification functionality of Cisco IOS XE Software for the Cisco Catalyst 9000 Family of switches could allow an unauthenticated, physical attacker to execute un ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：15 | 回复：0
CVE-2021-1454

Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：15 | 回复：0
CVE-2021-1460

A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：14 | 回复：0
CVE-2021-1469

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating sy ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：24 | 回复：0
CVE-2021-1471

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating sy ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：23 | 回复：0
CVE-2020-26279

go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0-rc1, it is possible for path traversal to occur with DAGs ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：18 | 回复：0
CVE-2020-26283

go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0, control characters are not escaped from console output. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：18 | 回复：0
CVE-2020-7853

An outbound read/write vulnerability exists in XPLATFORM that does not check offset input ranges, allowing out-of-range data to be read. An attacker can exploit arbitrary code execution.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：17 | 回复：0
CVE-2021-1220

Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to cause the web UI software to become unresponsive and consume ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：16 | 回复：0
CVE-2021-1281

A vulnerability in CLI management in Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system as the root user. This vulnerability is due to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：25 | 回复：0
CVE-2021-1352

A vulnerability in the DECnet Phase IV and DECnet/OSI protocol processing of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：27 | 回复：0
CVE-2021-1356

Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to cause the web UI software to become unresponsive and consume ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：24 | 回复：0
CVE-2021-1371

A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：23 | 回复：0
CVE-2021-1373

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family Wireless Controll ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：20 | 回复：0
CVE-2021-1374

A vulnerability in the web-based management interface of Cisco IOS XE Wireless Controller software for the Catalyst 9000 Family of switches could allow an authenticated, remote attacker to conduct a c ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：28 | 回复：0
CVE-2021-1375

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：30 | 回复：0
CVE-2021-1376

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：36 | 回复：0
CVE-2021-1381

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with high privileges or an unauthenticated attacker with physical access to the device to open a debugging console ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：20 | 回复：0
CVE-2021-1411

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating sy ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：24 | 回复：0
CVE-2021-1417

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating sy ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：29 | 回复：0
CVE-2021-1418

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating sy ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：25 | 回复：0
CVE-2021-1423

A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulne ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：34 | 回复：0
CVE-2021-21385

Mifos-Mobile Android Application for MifosX is an Android Application built on top of the MifosX Self-Service platform. Mifos-Mobile before commit e505f62 disables HTTPS hostname verification of its H ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：32 | 回复：0
CVE-2021-21386

APKLeaks is an open-source project for scanning APK file for URIs, endpoints secrets. APKLeaks prior to v2.0.3 allows remote attackers to execute arbitrary OS commands via package name inside applica ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：21 | 回复：0
CVE-2020-7852

DaviewIndy has a Heap-based overflow vulnerability, triggered when the user opens a malformed ex.j2c format file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execu ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：28 | 回复：0
CVE-2021-20679

Fuji Xerox multifunction devices and printers (DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, Apeo ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：64 | 回复：0
CVE-2021-26715

The OpenID Connect server implementation for MITREid Connect through 1.3.3 contains a Server Side Request Forgery (SSRF) vulnerability. The vulnerability arises due to unsafe usage of the logo_uri par ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：25 | 回复：0
CVE-2021-29156

ForgeRock OpenAM before 13.5.1 allows LDAP injection via the Webfinger protocol. For example, an unauthenticated attacker can perform character-by-character retrieval of password hashes, or retrieve a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:53 | 阅读：31 | 回复：0