CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2018-11005

A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：40 | 回复：0
CVE-2018-11006

An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：35 | 回复：0
CVE-2018-11007

A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：47 | 回复：0
CVE-2018-11008

An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：46 | 回复：0
CVE-2018-11009

A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：38 | 回复：0
CVE-2018-11010

A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：43 | 回复：0
CVE-2018-11246

K7TSMngr.exe in K7Computing K7AntiVirus Premium 15.1.0.53 has a Memory Leak.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：51 | 回复：0
CVE-2018-8044

K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: Local Process Execution (local). The component is: K7Sentry.sys.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：51 | 回复：0
CVE-2018-8724

K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local). The component is: K7TSMngr.exe.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：47 | 回复：0
CVE-2018-8725

K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：49 | 回复：0
CVE-2018-8726

K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：39 | 回复：0
CVE-2018-9332

K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local).……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：47 | 回复：0
CVE-2018-9333

K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：57 | 回复：0
CVE-2019-3405

In the 3.1.3.64296 and lower version of 360F5, the third party can trigger the device to send a deauth frame by constructing and sending a specific illegal 802.11 Null Data Frame, which will cause oth ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：39 | 回复：0
CVE-2020-17534

There exists a race condition between the deletion of the temporary file and the creation of the temporary directory in `webkit` subproject of HTML/Java API version 1.7. A similar vulnerability has re ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：56 | 回复：0
CVE-2020-23960

Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Fork before 5.8.3 allows remote attackers to perform unauthorized actions as administrator to (1) approve the mass of ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：58 | 回复：0
CVE-2020-24003

Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera acce ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：61 | 回复：0
CVE-2020-25659

python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：47 | 回复：0
CVE-2020-27275

Delta Electronics DOPSoft Version 4.0.8.21 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：52 | 回复：0
CVE-2020-27277

Delta Electronics DOPSoft Version 4.0.8.21 and prior has a null pointer dereference issue while processing project files, which may allow an attacker to execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：60 | 回复：0
CVE-2020-27281

A stack-based buffer overflow may exist in Delta Electronics CNCSoft ScreenEditor versions 1.01.26 and prior when processing specially crafted project files, which may allow an attacker to execute arb ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：64 | 回复：0
CVE-2020-27287

Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：49 | 回复：0
CVE-2020-27289

Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior has a null pointer dereference issue while processing project files, which may allow an attacker to execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：67 | 回复：0
CVE-2020-27291

Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：42 | 回复：0
CVE-2020-27293

Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior has a type confusion issue while processing project files, which may allow an attacker to execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：43 | 回复：0
CVE-2020-35701

An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in data_debug.php allows remote authenticated attackers to execute arbitrary SQL commands via the site_id parameter ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：35 | 回复：0
CVE-2021-23253

Opera Mini for Android below 53.1 displays URL left-aligned in the address field. This allows a malicious attacker to craft a URL with a long domain name, e.g. www.safe.opera.com.attacker.com. With th ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：44 | 回复：0
CVE-2020-4869

IBM MQ Appliance 9.2 CD and 9.2 LTS is vulnerable to a denial of service, caused by a buffer overflow. A remote attacker could send a specially crafted SNMP query to cause the appliance to reload. IBM ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：45 | 回复：0
CVE-2020-13559

A denial-of-service vulnerability exists in the traffic-logging functionality of FreyrSCADA IEC-60879-5-104 Server Simulator 21.04.028. A specially crafted packet can lead to denial of service. An att ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：71 | 回复：0
CVE-2020-24025

Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：32 | 回复：0
CVE-2020-26298

Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：44 | 回复：0
CVE-2020-23631

Cross-site request forgery (CSRF) in admin/global/manage.php in WDJA CMS 1.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via the tongji parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：59 | 回复：0
CVE-2020-24027

In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP PLAY command, when the command specifies seeking by absolute time.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：44 | 回复：0
CVE-2020-27059

In onAuthenticated of AuthenticationClient.java, there is a possible tapjacking attack when requesting the user's fingerprint due to an overlaid window. This could lead to local escalation of priv ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：40 | 回复：0
CVE-2021-0342

In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. User interaction is n ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：43 | 回复：0
CVE-2021-21241

The Python Flask-Security-Too package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of Fla ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：40 | 回复：0
CVE-2020-0471

In reassemble_and_dispatch of packet_fragmenter.cc, there is a possible way to inject packets into an encrypted Bluetooth connection due to improper input validation. This could lead to remote escalat ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：55 | 回复：0
CVE-2021-0301

In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：51 | 回复：0
CVE-2021-0303

In dispatchGraphTerminationMessage() of packages/services/Car/computepipe/runner/graph/StreamSetObserver.cpp, there is a possible use after free due to a race condition. This could lead to local escal ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：42 | 回复：0
CVE-2021-0304

In several functions of GlobalScreenshot.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure of the user's contacts with Use ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:39 | 阅读：36 | 回复：0