漏洞 - 第168页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2022-26108

When a user opens a manipulated Picture Exchange (.pcx, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavai ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：49 | 回复：0
CVE漏洞

CVE-2022-26107

When a user opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporaril ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：45 | 回复：0
CVE漏洞

CVE-2022-26106

When a user opens a manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes tem ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：51 | 回复：0
CVE漏洞

CVE-2022-26105

SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the user i ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：58 | 回复：0
CVE漏洞

CVE-2022-24812

Grafana is an open-source platform for monitoring and observability. When fine-grained access control is enabled and a client uses Grafana API Key to make requests, the permissions for that API Key ar ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：79 | 回复：0
CVE漏洞

CVE-2022-24383

The affected product is vulnerable to an out-of-bounds read, which may result in code execution……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：76 | 回复：0
CVE漏洞

CVE-2022-23703

A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays during update. This would pote ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：97 | 回复：0
CVE漏洞

CVE-2022-23702

A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 Servers. The vulnerability could be locally exploited to allow an user with Administrator access to ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：228 | 回复：0
CVE漏洞

CVE-2022-22541

SAP BusinessObjects Business Intelligence Platform - versions 420, 430, may allow legitimate users to access information they shouldn't see through relational or OLAP connections. The main impact ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：111 | 回复：0
CVE漏洞

CVE-2022-21228

The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：94 | 回复：0
CVE漏洞

CVE-2022-21214

The affected product is vulnerable to a heap-based buffer overflow, which may lead to code execution.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：80 | 回复：0
CVE漏洞

CVE-2022-21202

The affected product is vulnerable to an out-of-bounds read, which may result in disclosure of sensitive information.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：94 | 回复：0
CVE漏洞

CVE-2022-21168

The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：65 | 回复：0
CVE漏洞

CVE-2022-21155

A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause an exception, causing the server process (FHSvrService.exe) to exit.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：70 | 回复：0
CVE漏洞

CVE-2021-41005

A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series version(s): Firmware below v1.0.7.0.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：68 | 回复：0
CVE漏洞

CVE-2021-41004

A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series version(s): Firmware below v1.0.7.0.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：91 | 回复：0
CVE漏洞

CVE-2021-39814

In ppmp_validate_wsm of drm_fw.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. Us ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：117 | 回复：0
CVE漏洞

CVE-2021-39812

In TBD of TBD, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：112 | 回复：0
CVE漏洞

CVE-2021-39809

In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution pri ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：140 | 回复：0
CVE漏洞

CVE-2021-39808

In createNotificationChannelGroup of PreferencesHelper.java, there is a possible way for a service to run in foreground without user notification due to improper input validation. This could lead to l ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：249 | 回复：0
CVE漏洞

CVE-2021-39807

In handleNfcStateChanged of SecureNfcEnabler.java, there is a possible way to enable NFC from the Guest account due to a missing permission check. This could lead to local escalation of privilege from ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：133 | 回复：0
CVE漏洞

CVE-2021-39805

In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure through Bluetooth with no additional exe ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：110 | 回复：0
CVE漏洞

CVE-2021-39804

In reinit of HeifDecoderImpl.cpp, there is a possible crash due to a missing null check. This could lead to remote persistent denial of service in the file picker with no additional execution privileg ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：108 | 回复：0
CVE漏洞

CVE-2021-39803

In ~Impl of C2AllocatorIon.cpp, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：94 | 回复：0
CVE漏洞

CVE-2021-39802

In change_pte_range of mprotect.c , there is a possible way to make a shared mmap writable due to a permissions bypass. This could lead to local escalation of privilege with no additional execution pr ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：71 | 回复：0
CVE漏洞

CVE-2021-39801

In ion_ioctl of ion-ioctl.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：71 | 回复：0
CVE漏洞

CVE-2021-39800

In ion_ioctl of ion-ioctl.c, there is a possible way to leak kernel head data due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. U ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：83 | 回复：0
CVE漏洞

CVE-2021-39799

In AttributionSource of AttributionSource.java, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution pr ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：65 | 回复：0
CVE漏洞

CVE-2021-39798

In Bitmap_createFromParcel of Bitmap.cpp, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges ne ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：53 | 回复：0
CVE漏洞

CVE-2021-39797

In several functions of of LauncherApps.java, there is a possible escalation of privilege due to a logic error in the code. This could lead to local escalation of privilege with no additional executio ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：47 | 回复：0
CVE漏洞

CVE-2021-39796

In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick victim to install harmful app due to a tapjacking/overlay attack. This could lead to local escalation o ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：48 | 回复：0
CVE漏洞

CVE-2021-39795

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: Pulled from Android ASB#2022-04 publication (https://source.android.com/securit ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：56 | 回复：0
CVE漏洞

CVE-2021-39794

In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the shell user, if wireless debugging is enabled, due to a missing permission check. This could lead to local e ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：77 | 回复：0
CVE漏洞

CVE-2021-36914

Cross-Site Request Forgery (CSRF) vulnerability leading to Reflected Cross-Site Scripting (XSS) in CalderaWP License Manager (WordPress plugin) = 1.2.11.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：115 | 回复：0
CVE漏洞

CVE-2021-0707

In dma_buf_release of dma-buf.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：273 | 回复：0
CVE漏洞

CVE-2021-0694

In setServiceForegroundInnerLocked of ActiveServices.java, there is a possible way for a background application to regain foreground permissions due to insufficient background restrictions. This could ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：120 | 回复：0
CVE漏洞

CVE-2022-28036

AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_navigation.php……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：81 | 回复：0
CVE漏洞

CVE-2022-28035

Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_blur-save.php……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：84 | 回复：0
CVE漏洞

CVE-2022-28034

AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMS_admin_ajax_list-sort.php……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：73 | 回复：0
CVE漏洞

CVE-2022-28033

Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_uploads.php……

作者：菜鸟教程小白 | 时间：2022-6-23 10:13 | 阅读：69 | 回复：0