漏洞 - 第125页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-44215

Northern.tech CFEngine Enterprise 3.15.4 before 3.15.5 has Insecure Permissions that may allow unauthorized local users to have an unspecified impact.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：52 | 回复：0
CVE漏洞

CVE-2021-44032

TP-Link Omada SDN Software Controller before 5.0.15 does not check if the authentication method specified in a connection request is allowed. An attacker can bypass the captive portal authentication p ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：56 | 回复：0
CVE漏洞

CVE-2021-43970

An arbitrary file upload vulnerability exists in albumimages.jsp in Quicklert for Digium 10.0.0 (1043) via a .mp3;.jsp filename for a file that begins with audio data bytes. It allows an authenticated ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：54 | 回复：0
CVE漏洞

CVE-2021-43969

The login.jsp page of Quicklert for Digium 10.0.0 (1043) is affected by both Blind SQL Injection with Out-of-Band Interaction (DNS) and Blind Time-Based SQL Injections. Exploitation can be used to dis ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：49 | 回复：0
CVE漏洞

CVE-2021-42857

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDaServlet has directory traversal vulnerabilities at the /api/appInternals/1.0/agent/da/pcf API. The affect ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：42 | 回复：0
CVE漏洞

CVE-2021-42856

It was discovered that the /DsaDataTest endpoint is susceptible to Cross-site scripting (XSS) attack. It was noted that the Metric parameter does not have any input checks on the user input that allow ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：41 | 回复：0
CVE漏洞

CVE-2021-42855

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the .debug_command.config file to store a json string that contains a list of IDs and pre-configured commands. Th ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-42854

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) PluginServlet has directory traversal vulnerabilities at the /api/appInternals/1.0/plugin/pmx API. The affected ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：41 | 回复：0
CVE漏洞

CVE-2021-42853

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDiagnosticServlet has directory traversal vulnerability at the /api/appInternals/1.0/agent/diagnostic/logs ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：41 | 回复：0
CVE漏洞

CVE-2021-42787

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentConfigurationServlet has directory traversal vulnerabilities at the /api/appInternals/1.0/agent/configurati ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-42786

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not hav ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：42 | 回复：0
CVE漏洞

CVE-2021-42186

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：41 | 回复：0
CVE漏洞

CVE-2021-41657

SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI which would allow an attacker to conduct a clickjacking attack.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：37 | 回复：0
CVE漏洞

CVE-2021-40376

otris Update Manager 1.2.1.0 allows local users to achieve SYSTEM access via unauthenticated calls to exposed interfaces over a .NET named pipe. A remote attack may be possible as well, by leveraging ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-40064

There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-40063

There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：37 | 回复：0
CVE漏洞

CVE-2021-40062

There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-40061

There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect integrity.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-40059

There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect confidentiality.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:51 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-40060

There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：40 | 回复：0
CVE漏洞

CVE-2021-40058

There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-40057

There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-40056

There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-40055

There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-40054

There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-40053

There is a permission control vulnerability in the Nearby module. Successful exploitation of this vulnerability will affect availability and integrity.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-40052

There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-40051

There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-40050

There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-40049

There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：37 | 回复：0
CVE漏洞

CVE-2021-40048

There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-40047

There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：50 | 回复：0
CVE漏洞

CVE-2021-3981

A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low sever ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：47 | 回复：0
CVE漏洞

CVE-2021-3739

A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attac ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：50 | 回复：0
CVE漏洞

CVE-2021-3733

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expre ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-3732

A security issue was found in Linux kernel’s OverlayFS subsystem where a local attacker who has the ability to mount the TmpFS filesystem with OverlayFS can abuse a logic bug in the overlayfs code wh ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-3698

A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). This flaw allows client certificates to ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-3660

Cockpit (and its plugins) do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an iFrame HTML entry. This may be used b ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：47 | 回复：0
CVE漏洞

CVE-2021-3558

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：57 | 回复：0
CVE漏洞

CVE-2021-35251

Sensitive information could be displayed when a detailed technical error message is posted. This information could disclose environmental details about the Web Help Desk installation.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：72 | 回复：0