• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

漏洞

RSS

下级分类:

  • CVE-2021-45988
    CVE-2021-45988
    Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddDnsForward. This vulnerability allows attackers to cause a Denial of Service (DoS) via t ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:24 | 回复:0
  • CVE-2021-45987
    CVE-2021-45987
    Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetNetCheckTools. This vulnerability allows attackers to execute arbitrary ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:27 | 回复:0
  • CVE-2021-45986
    CVE-2021-45986
    Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetUSBShareInfo. This vulnerability allows attackers to execute arbitrary ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:27 | 回复:0
  • CVE-2021-45742
    CVE-2021-45742
    TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a command injection vulnerability in the Main function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_ ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:22 | 回复:0
  • CVE-2021-45741
    CVE-2021-45741
    TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setIpv6Cfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via the relay6to4 p ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:29 | 回复:0
  • CVE-2021-45740
    CVE-2021-45740
    TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the setWiFiWpsStart function. This vulnerability allows attackers to cause a Denial of Service (DoS) via the pin par ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:34 | 回复:0
  • CVE-2021-45739
    CVE-2021-45739
    TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login function. This vulnerability allows attackers to cause a Denial of Service (DoS) via the flag paramet ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:71 | 回复:0
  • CVE-2021-45738
    CVE-2021-45738
    TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a command injection vulnerability in the function UploadFirmwareFile. This vulnerability allows attackers to execute arbitrary commands ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:48 | 回复:0
  • CVE-2021-45737
    CVE-2021-45737
    TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login function. This vulnerability allows attackers to cause a Denial of Service (DoS) via the Host paramet ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:61 | 回复:0
  • CVE-2021-45736
    CVE-2021-45736
    TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setL2tpServerCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via the eip, ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:89 | 回复:0
  • CVE-2021-45735
    CVE-2021-45735
    TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to use the HTTP protocol for authentication into the admin interface, allowing attackers to intercept user credentials via packet capture software ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:151 | 回复:0
  • CVE-2021-45734
    CVE-2021-45734
    TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setUrlFilterRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via the url ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:81 | 回复:0
  • CVE-2021-45733
    CVE-2021-45733
    TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a command injection vulnerability in the function NTPSyncWithHost. This vulnerability allows attackers to execute arbitrary commands vi ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:82 | 回复:0
  • CVE-2021-44882
    CVE-2021-44882
    D-Link device DIR_878_FW1.30B08_Hotfix_02 was discovered to contain a command injection vulnerability in the twsystem function. This vulnerability allows attackers to execute arbitrary commands via a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:48 | 回复:0
  • CVE-2021-44881
    CVE-2021-44881
    D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to contain a command injection vulnerability in the twsystem function. This vulnerability allows attackers to execute arbitrary command ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:37 | 回复:0
  • CVE-2021-44880
    CVE-2021-44880
    D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882_FW1.30B06_Hotfix_02 were discovered to contain a command injection vulnerability in the system function. This vulnerability allow ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:42 | 回复:0
  • CVE-2021-44247
    CVE-2021-44247
    Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain command injection vulnerability in the function setNoticeCfg. T ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:37 | 回复:0
  • CVE-2021-44246
    CVE-2021-44246
    Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain a stack overflow in the function setNoticeCfg. This vulnerabili ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:33 | 回复:0
  • CVE-2021-45268
    CVE-2021-45268
    ** DISPUTED ** A Cross Site Request Forgery (CSRF) vulnerability exists in Backdrop CMS 1.20, which allows Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:27 | 回复:0
  • CVE-2022-24307
    CVE-2022-24307
    Mastodon before 3.3.2 and 3.4.x before 3.4.6 has incorrect access control because it does not compact incoming signed JSON-LD activities. (JSON-LD signing has been supported since version 1.6.0.)……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:27 | 回复:0
  • CVE-2022-21741
    CVE-2022-21741
    Tensorflow is an Open Source Machine Learning Framework. ### Impact An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The para ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:25 | 回复:0
  • CVE-2022-21740
    CVE-2022-21740
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseCountSparseOutput` is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also ch ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:18 | 回复:0
  • CVE-2022-21739
    CVE-2022-21739
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `QuantizedMaxPool` has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:21 | 回复:0
  • CVE-2022-21738
    CVE-2022-21738
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseCountSparseOutput` can be made to crash a TensorFlow process by an integer overflow whose result is then used in a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:19 | 回复:0
  • CVE-2022-21737
    CVE-2022-21737
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `*Bincount` operations allows malicious users to cause denial of service by passing in arguments which would trigger a `C ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:18 | 回复:0
  • CVE-2021-44866
    CVE-2021-44866
    An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not perform input validation on the 'id' paramter. An attacker can append SQL queries to the input to ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:16 | 回复:0
  • CVE-2022-23569
    CVE-2022-23569
    Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via `CHECK`-fails (i.e., assertion failures). This is similar to T ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:17 | 回复:0
  • CVE-2022-21735
    CVE-2022-21735
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `FractionalMaxPool` can be made to crash a TensorFlow process via a division by 0. The fix will be included in TensorFlow ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:18 | 回复:0
  • CVE-2022-21734
    CVE-2022-21734
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `MapStage` is vulnerable a `CHECK`-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:17 | 回复:0
  • CVE-2022-21729
    CVE-2022-21729
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `UnravelIndex` is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorF ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:17 | 回复:0
  • CVE-2022-21725
    CVE-2022-21725
    Tensorflow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:18 | 回复:0
  • CVE-2022-23568
    CVE-2022-23568
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `AddManySparseToTensorsMap` is vulnerable to an integer overflow which results in a `CHECK`-fail when building new `Tenso ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:15 | 回复:0
  • CVE-2022-23567
    CVE-2022-23567
    Tensorflow is an Open Source Machine Learning Framework. The implementations of `Sparse*Cwise*` ops are vulnerable to integer overflows. These can be used to trigger large allocations (so, OOM based d ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:19 | 回复:0
  • CVE-2022-21736
    CVE-2022-21736
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseTensorSliceDataset` has an undefined behavior: under certain condition it can be made to dereference a `nullptr` v ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:23 | 回复:0
  • CVE-2022-21733
    CVE-2022-21733
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `StringNGrams` can be used to trigger a denial of service attack by causing an out of memory condition after an integer o ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:35 | 回复:0
  • CVE-2022-21732
    CVE-2022-21732
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `ThreadPoolHandle` can be used to trigger a denial of service attack by allocating too much memory. This is because the ` ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:35 | 回复:0
  • CVE-2022-21731
    CVE-2022-21731
    Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `ConcatV2` can be used to trigger a denial of service attack via a segfault caused by a type confusio ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:33 | 回复:0
  • CVE-2022-21730
    CVE-2022-21730
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `FractionalAvgPoolGrad` does not consider cases where the input tensors are invalid allowing an attacker to read from out ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:41 | 回复:0
  • CVE-2022-21728
    CVE-2022-21728
    Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `ReverseSequence` does not fully validate the value of `batch_dim` and can result in a heap OOB read. ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:31 | 回复:0
  • CVE-2022-21727
    CVE-2022-21727
    Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulnerable to an integer overflow weakness. The `axis` argument can be `-1` (the defa ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:23 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap