CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-27214

A Server-side request forgery (SSRF) vulnerability in the ProductConfig servlet in Zoho ManageEngine ADSelfService Plus through 6013 allows a remote unauthenticated attacker to perform blind HTTP requ ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：30 | 回复：0
CVE-2021-27328

Yeastar NeoGate TG400 91.3.0.3 devices are affected by Directory Traversal. An authenticated user can decrypt firmware and can read sensitive information, such as a password or decryption key.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：21 | 回复：0
CVE-2021-27351

The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：16 | 回复：0
CVE-2020-35499

A NULL pointer dereference flaw in Linux kernel versions prior to 5.11 may be seen if sco_sock_getsockopt function in net/bluetooth/sco.c do not have a sanity check for a socket connection, when using ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：17 | 回复：0
CVE-2021-20587

Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software (C Controller module setting and monitoring tool all versions, CPU Module Logging Configuration Tool versions 1. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：10 | 回复：0
CVE-2021-20588

Improper handling of length parameter inconsistency vulnerability in Mitsubishi Electric FA Engineering Software(C Controller module setting and monitoring tool all versions, CPU Module Logging Config ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：23 | 回复：0
CVE-2021-26713

A stack-based buffer overflow in res_rtp_asterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6 allows an authenticated WebR ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：51 | 回复：0
CVE-2020-27785

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-29074. Reason: This candidate is a reservation duplicate of CVE-2020-29074. Notes: All CVE users should reference CVE-2020-29074 ins ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：45 | 回复：0
CVE-2020-12668

Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. This could allow for abuse of the application class loader, including Arbitrary ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：33 | 回复：0
CVE-2020-12873

An issue was discovered in Alfresco Enterprise Content Management (ECM) before 6.2.1. A user with privileges to edit a FreeMarker template (e.g., a webscript) may execute arbitrary Java code or run ar ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：24 | 回复：0
CVE-2020-24392

In voloko twitter-stream 0.1.10, missing TLS hostname validation allows an attacker to perform a man-in-the-middle attack against users of the library (because eventmachine is misused).……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：23 | 回复：0
CVE-2020-24393

TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：20 | 回复：0
CVE-2020-24617

Mailtrain through 1.24.1 allows SQL Injection in statsClickedSubscribersByColumn in lib/models/campaigns.js via /campaigns/clicked/ajax because variable column names are not properly escaped.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：33 | 回复：0
CVE-2020-27997

An issue was discovered in SmartStoreNET before 4.1.0. Lack of Cross Site Request Forgery (CSRF) protection may lead to elevation of privileges (e.g., /admin/customer/create to create an admin account ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：29 | 回复：0
CVE-2021-27509

In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：45 | 回复：0
CVE-2021-3189

The slashify package 1.0.0 for Node.js allows open-redirect attacks, as demonstrated by a localhost:3000///example.com/ substring.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：28 | 回复：0
CVE-2020-28248

An integer overflow in the PngImg::InitStorage_() function of png-img before 3.1.0 leads to an under-allocation of heap memory and subsequently an exploitable heap-based buffer overflow when loading a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：36 | 回复：0
CVE-2021-26544

Livy server version 0.7.0-incubating (only) is vulnerable to a cross site scripting issue in the session name. A malicious user could use this flaw to access logs and results of other users' sessi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：72 | 回复：0
CVE-2021-26716

Modules/input/Views/schedule.php in Emoncms through 10.2.7 allows XSS via the node parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：32 | 回复：0
CVE-2021-27513

The module admin_ITSM in EyesOfNetwork 5.3-10 allows remote authenticated users to upload arbitrary .xml.php files because it relies on le filtre userside.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：41 | 回复：0
CVE-2021-27514

EyesOfNetwork 5.3-10 uses an integer of between 8 and 10 digits for the session ID, which might be leveraged for brute-force authentication bypass (such as in CVE-2021-27513 exploitation).……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：34 | 回复：0
CVE-2021-27515

url-parse before 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：35 | 回复：0
CVE-2021-27516

URI.js (aka urijs) before 1.19.6 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：22 | 回复：0
CVE-2021-24115

In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex).……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：26 | 回复：0
CVE-2021-26119

Smarty before 3.1.39 allows a Sandbox Escape because $smarty.template_object can be accessed in sandbox mode.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：32 | 回复：0
CVE-2021-26120

Smarty before 3.1.39 allows code injection via an unexpected function name after a {function name= substring.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：33 | 回复：0
CVE-2021-3149

On Netshield NANO 25 10.2.18 devices, /usr/local/webmin/System/manual_ping.cgi allows OS command injection (after authentication by the attacker) because the system C library function is used unsafely ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：47 | 回复：0
CVE-2020-35556

An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. Because the local notification service misconfigures CORS, information disclosure can occur.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：30 | 回复：0
CVE-2020-35571

An issue was discovered in MantisBT through 2.24.3. In the helper_ensure_confirmed call in manage_custom_field_update.php, the custom field name is not sanitized. This may be problematic depending on ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：23 | 回复：0
CVE-2020-35664

An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. There is cross-site scripting (XSS) in the console.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：13 | 回复：0
CVE-2020-35681

Django Channels 3.x before 3.0.3 allows remote attackers to obtain sensitive information from a different request scope. The legacy channels.http.AsgiHandler class, used for handling HTTP type request ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:46 | 阅读：18 | 回复：0
CVE-2021-0399

In qtaguid_untag of xt_qtaguid.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：95 | 回复：0
CVE-2021-20265

A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the syst ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：67 | 回复：0
CVE-2021-24025

Due to incorrect string size calculations inside the preg_quote function, a large input string passed to the function can trigger an integer overflow leading to a heap overflow. This issue affects HHV ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：57 | 回复：0
CVE-2021-24030

The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote arguments passed to the executable. That allows a malicious URL to cause code execution. This issue affects ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：70 | 回复：0
CVE-2021-0379

In getUpTo17bits of pvmp3_getbits.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges ne ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：72 | 回复：0
CVE-2021-0380

In onReceive of DcTracker.java, there is a possible way to trigger a provisioning URL and modify other telephony settings due to a missing permission check. This could lead to local escalation of priv ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：62 | 回复：0
CVE-2021-0381

In updateNotifications of DeviceStorageMonitorService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution pr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：88 | 回复：0
CVE-2021-0382

In checkSlicePermission of SliceManagerService.java, there is a possible resource exposure due to an incorrect permission check. This could lead to local information disclosure with no additional exec ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：64 | 回复：0
CVE-2021-0383

In done of CaptivePortalLoginActivity.java, there is a confused deputy. This could lead to local escalation of privilege in carrier settings with no additional execution privileges needed. User intera ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:45 | 阅读：88 | 回复：0