CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-25837

Cosmos Network Ethermint = v0.4.0 is affected by cache lifecycle inconsistency in the EVM module. Due to the inconsistency between the Storage caching cycle and the Tx processing cycle, Storage change ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：46 | 回复：0
CVE-2020-7782

This affects all versions of package spritesheet-js. It depends on a vulnerable package platform-command. The injection point is located in line 32 in lib/generator.js, which is triggered by main entr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：46 | 回复：0
CVE-2020-7785

This affects all versions of package node-ps. The injection point is located in line 72 in lib/index.js.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：29 | 回复：0
CVE-2020-7786

This affects all versions of package macfromip. The injection point is located in line 66 in macfromip.js.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：60 | 回复：0
CVE-2021-25168

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webupdatecomponent function.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：58 | 回复：0
CVE-2021-25169

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so websetservicecfg function.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：44 | 回复：0
CVE-2021-25170

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so websetremoteimageinfo function.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：49 | 回复：0
CVE-2021-25171

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so websetlicensecfg function.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：49 | 回复：0
CVE-2021-26570

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webifc_setadconfig function.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：54 | 回复：0
CVE-2021-26571

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgetactivexcfg function.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：34 | 回复：0
CVE-2021-26572

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgetactivexcfg function.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：46 | 回复：0
CVE-2021-21240

httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of \xa0 characters in the www-authenticate header may ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：48 | 回复：0
CVE-2021-21288

CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications. In CarrierWave before versions 1.3.2 and 2.1.1 the download feature has an SSRF v ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：73 | 回复：0
CVE-2021-21290

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers clients. In Netty before version 4.1.59.Final ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：61 | 回复：0
CVE-2021-21305

CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications. In CarrierWave before versions 1.3.2 and 2.1.1, there is a code injection vulnera ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：55 | 回复：0
CVE-2021-25172

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a command injection vulnerability in libifc.so websetdefaultlangcfg function.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：49 | 回复：0
CVE-2021-26573

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgeneratesslcfg function.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：58 | 回复：0
CVE-2021-26574

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a path traversal vulnerability in libifc.so webdeletevideofile function.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：69 | 回复：0
CVE-2021-26575

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a path traversal vulnerability in libifc.so webdeletesolvideofile function.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：48 | 回复：0
CVE-2021-26577

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so uploadsshkey function.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：58 | 回复：0
CVE-2021-26905

1Password SCIM Bridge before 1.6.2 mishandles validation of authenticated requests for log files, leading to disclosure of a TLS private key.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：55 | 回复：0
CVE-2021-26910

Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：52 | 回复：0
CVE-2020-24944

picoquic (before 3rd of July 2020) allows attackers to cause a denial of service (infinite loop) via a crafted QUIC frame, related to the picoquic_decode_frames and picoquic_decode_stream_frame functi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：54 | 回复：0
CVE-2020-36148

Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protect ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：51 | 回复：0
CVE-2020-36149

Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protect ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：60 | 回复：0
CVE-2020-36150

Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：43 | 回复：0
CVE-2020-36151

Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：56 | 回复：0
CVE-2020-36152

Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：41 | 回复：0
CVE-2021-26220

The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：36 | 回复：0
CVE-2021-26221

The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：35 | 回复：0
CVE-2021-26222

The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：33 | 回复：0
CVE-2021-26528

The mg_http_serve_file function in Cesanta Mongoose HTTP server 7.0 is vulnerable to remote OOB write attack via connection request after exhausting memory pool.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：47 | 回复：0
CVE-2021-26529

The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 and 6.7-6.18 (compiled with mbedTLS support) is vulnerable to remote OOB write attack via connection request after exhausting memory pool.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：39 | 回复：0
CVE-2021-26530

The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 (compiled with OpenSSL support) is vulnerable to remote OOB write attack via connection request after exhausting memory pool.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:38 | 阅读：41 | 回复：0
CVE-2020-5080

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:37 | 阅读：82 | 回复：0
CVE-2020-5081

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:37 | 阅读：74 | 回复：0
CVE-2020-5082

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:37 | 阅读：69 | 回复：0
CVE-2020-5083

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:37 | 阅读：55 | 回复：0
CVE-2020-5084

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:37 | 阅读：56 | 回复：0
CVE-2020-5085

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:37 | 阅读：48 | 回复：0