CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-26932

An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：89 | 回复：0
CVE-2021-26933

An issue was discovered in Xen 4.9 through 4.14.x. On Arm, a guest is allowed to control whether memory accesses are bypassing the cache. This means that Xen needs to ensure that all writes (such as t ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：88 | 回复：0
CVE-2021-26934

An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen. The backend allocation (aka be-alloc) mode of the drm_xen_front drivers was not meant to be a supported configuration, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：26 | 回复：0
CVE-2021-20653

Calsos CSDJ (CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier) allows remote attackers to bypass access restriction and to obtain ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：19 | 回复：0
CVE-2021-20655

FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：15 | 回复：0
CVE-2020-2501

A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：18 | 回复：0
CVE-2020-2502

This cross-site scripting vulnerability in Photo Station allows remote attackers to inject malicious code. QANP We have already fixed this vulnerability in the following versions of Photo Station. Pho ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：34 | 回复：0
CVE-2021-23339

This affects all versions before 10.1.14 and from 10.2.0 to 10.2.4 of package com.typesafe.akka:akka-http-core. It allows multiple Transfer-Encoding headers.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：32 | 回复：0
CVE-2021-23885

Privilege escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execute commands on the appliance ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：17 | 回复：0
CVE-2021-22856

The CGE property management system contains SQL Injection vulnerabilities. Remote attackers can inject SQL commands into the parameters in Cookie and obtain data in the database without privilege.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：23 | 回复：0
CVE-2021-22857

The CGE page with download function contains a Directory Traversal vulnerability. Attackers can use this loophole to download system files arbitrarily.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：32 | 回复：0
CVE-2021-22858

Attackers can access the CGE account management function without privilege for permission elevation and execute arbitrary commands or files after obtaining user permissions.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：17 | 回复：0
CVE-2021-22553

Any git operation is passed through Jetty and a session is created. No expiry is set for the session and Jetty does not automatically dispose of the session. Over multiple git actions, this can lead t ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：17 | 回复：0
CVE-2020-0518

Improper access control in the Intel(R) HD Graphics Control Panel before version 15.40.46.5144 and 15.36.39.5143 may allow an authenticated user to potentially enable denial of service via local acces ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：21 | 回复：0
CVE-2020-0521

Insufficient control flow management in some Intel(R) Graphics Drivers before version 15.45.32.5145 may allow an authenticated user to potentially enable escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：21 | 回复：0
CVE-2020-0522

Improper initialization in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow a privileged user to potentially enable denial of service via ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：31 | 回复：0
CVE-2020-0523

Improper access control in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may potentially allow a privileged user to enable a denial of service v ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：18 | 回复：0
CVE-2020-0524

Improper default permissions in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow an authenticated user to potentially enable denial of se ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：15 | 回复：0
CVE-2020-0525

Improper access control in firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow a privileged user to potentially enable denial of service via loc ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：32 | 回复：0
CVE-2020-0544

Insufficient control flow management in the kernel mode driver for some Intel(R) Graphics Drivers before version 15.36.39.5145 may allow an authenticated user to potentially enable escalation of privi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：25 | 回复：0
CVE-2020-12339

Insufficient control flow management in the API for the Intel(R) Collaboration Suite for WebRTC before version 4.3.1 may allow an authenticated user to potentially enable escalation of privilege via n ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：32 | 回复：0
CVE-2020-12361

Use after free in some Intel(R) Graphics Drivers before version 15.33.51.5146 may allow an authenticated user to potentially enable denial of service via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：41 | 回复：0
CVE-2020-12362

Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：24 | 回复：0
CVE-2020-12363

Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：27 | 回复：0
CVE-2020-12364

Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a deni ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：29 | 回复：0
CVE-2020-12366

Insufficient input validation in some Intel(R) Graphics Drivers before version 27.20.100.8587 may allow a privileged user to potentially enable an escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：34 | 回复：0
CVE-2020-12367

Integer overflow in some Intel(R) Graphics Drivers before version 26.20.100.8476 may allow a privileged user to potentially enable an escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：23 | 回复：0
CVE-2020-12368

Integer overflow in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable an escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：21 | 回复：0
CVE-2020-12369

Out of bound write in some Intel(R) Graphics Drivers before version 26.20.100.8336 may allow a privileged user to potentially enable escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：15 | 回复：0
CVE-2020-12370

Untrusted pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：23 | 回复：0
CVE-2020-12371

Divide by zero in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：27 | 回复：0
CVE-2020-12372

Unchecked return value in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：26 | 回复：0
CVE-2020-12373

Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：23 | 回复：0
CVE-2021-27365

An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：45 | 回复：0
CVE-2020-28466

This affects all versions of package github.com/nats-io/nats-server/server. Untrusted accounts are able to crash the server using configs that represent a service export/import cycles. Disclaimer from ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：41 | 回复：0
CVE-2009-20001

An issue was discovered in MantisBT before 2.24.5. It associates a unique cookie string with each user. This string is not reset upon logout (i.e., the user session is still considered valid and activ ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：40 | 回复：0
CVE-2021-23351

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service (DoS) via the parseVersion1() function. The reader in this package is a default bufio.Reader wrapping a net. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：80 | 回复：0
CVE-2021-26788

Oryx Embedded CycloneTCP 1.7.6 to 2.0.0, fixed in 2.0.2, is affected by incorrect input validation, which may cause a denial of service (DoS). To exploit the vulnerability, an attacker needs to have T ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：46 | 回复：0
CVE-2020-23967

Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without administrative privileges to NT AUTHORITY\SYSTEM due to insufficient control during autoupdate.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：48 | 回复：0
CVE-2021-27222

In the Time in Status app before 4.13.0 for Jira, remote authenticated attackers can cause Stored XSS.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：32 | 回复：0