• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

漏洞

RSS

下级分类:

  • CVE-2021-39630
    CVE-2021-39630
    In executeRequest of OverlayManagerService.java, there is a possible way to control fabricated overlays from adb shell due to a permissions bypass. This could lead to local escalation of privilege wit ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:20 | 回复:0
  • CVE-2021-39629
    CVE-2021-39629
    In phTmlNfc_Init and phTmlNfc_CleanUp of phTmlNfc.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileg ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:20 | 回复:0
  • CVE-2021-39628
    CVE-2021-39628
    In StatusBar.java, there is a possible disclosure of notification content on the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional executi ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:21 | 回复:0
  • CVE-2021-39627
    CVE-2021-39627
    In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execu ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:20 | 回复:0
  • CVE-2021-39626
    CVE-2021-39626
    In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no add ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:20 | 回复:0
  • CVE-2021-39625
    CVE-2021-39625
    In showCarrierAppInstallationNotification of EuiccNotificationManager.java, there is a possible way to gain an access to MediaProvider content due to an unsafe PendingIntent. This could lead to local ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:19 | 回复:0
  • CVE-2021-39623
    CVE-2021-39623
    In doRead of SimpleDecodingSource.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileg ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:22 | 回复:0
  • CVE-2021-39622
    CVE-2021-39622
    In GBoard, there is a possible way to bypass Factory Reset Protection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:23 | 回复:0
  • CVE-2021-39621
    CVE-2021-39621
    In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execu ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:29 | 回复:0
  • CVE-2021-39620
    CVE-2021-39620
    In ipcSetDataReference of Parcel.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:27 | 回复:0
  • CVE-2021-39618
    CVE-2021-39618
    In multiple methods of EuiccNotificationManager.java, there is a possible way to install existing packages without user consent due to an unsafe PendingIntent. This could lead to local escalation of p ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:23 | 回复:0
  • CVE-2021-38127
    CVE-2021-38127
    Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cro ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:32 | 回复:0
  • CVE-2021-38126
    CVE-2021-38126
    Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cro ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:21 | 回复:0
  • CVE-2021-36920
    CVE-2021-36920
    Authenticated Reflected Cross-Site Scripting (XSS) vulnerability discovered in WordPress plugin Download Monitor (versions = 4.4.6).……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:23 | 回复:0
  • CVE-2021-36199
    CVE-2021-36199
    Running a vulnerability scanner against VideoEdge NVRs can cause some functionality to stop.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:25 | 回复:0
  • CVE-2021-28507
    CVE-2021-28507
    An issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfig gNOI and OpenConfig RESTCONF might be bypassed, which results in the deni ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:23 | 回复:0
  • CVE-2021-28506
    CVE-2021-28506
    An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:25 | 回复:0
  • CVE-2021-28501
    CVE-2021-28501
    An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:21 | 回复:0
  • CVE-2021-28500
    CVE-2021-28500
    An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:21 | 回复:0
  • CVE-2021-23567
    CVE-2021-23567
    The package colors after 1.4.0 are vulnerable to Denial of Service (DoS) that was introduced through an infinite loop in the americanFlag module. Unfortunately this appears to have been a purposeful a ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:22 | 回复:0
  • CVE-2021-23566
    CVE-2021-23566
    The package nanoid from 3.0.0 and before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:21 | 回复:0
  • CVE-2021-23157
    CVE-2021-23157
    WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:21 | 回复:0
  • CVE-2021-23138
    CVE-2021-23138
    WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:21 | 回复:0
  • CVE-2021-20613
    CVE-2021-20613
    Improper initialization vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.16 and prior, FX3U-ENET-L Firmware version 1.16 and prior and FX3U-ENET-P502 Firmware version 1.16 and prior allow ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:24 | 回复:0
  • CVE-2021-20612
    CVE-2021-20612
    Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.14 and prior, FX3U-ENET-L Firmware version 1.14 and prior and FX3U-ENET-P502 Firmware version ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:25 | 回复:0
  • CVE-2021-1049
    CVE-2021-1049
    Hacker one bug ID: 1343975Product: AndroidVersions: Android SoCAndroid ID: A-204256722……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:28 | 回复:0
  • CVE-2021-1037
    CVE-2021-1037
    The broadcast that DevicePickerFragment sends when a new device is paired doesn't have any permission checks, so any app can register to listen for it. This lets apps keep track of what devices ar ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:33 | 回复:0
  • CVE-2021-1036
    CVE-2021-1036
    In LocationSettingsActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:45 | 回复:0
  • CVE-2021-1035
    CVE-2021-1035
    In setLaunchIntent of BluetoothDevicePickerPreferenceController.java, there is a possible way to invoke an arbitrary broadcast receiver due to a confused deputy. This could lead to local escalation of ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:37 | 回复:0
  • CVE-2021-0959
    CVE-2021-0959
    In jit_memory_region.cc, there is a possible bypass of memory restrictions due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. Use ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:31 | 回复:0
  • CVE-2022-0226
    CVE-2022-0226
    livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:33 | 回复:0
  • CVE-2021-45763
    CVE-2021-45763
    GPAC v1.1.0 was discovered to contain an invalid call in the function gf_node_changed(). This vulnerability can lead to a Denial of Service (DoS).……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:28 | 回复:0
  • CVE-2021-45762
    CVE-2021-45762
    GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_sg_vrml_mf_reset(). This vulnerability allows attackers to cause a Denial of Service (DoS).……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:20 | 回复:0
  • CVE-2021-45761
    CVE-2021-45761
    ROPium v3.1 was discovered to contain an invalid memory address dereference via the find() function.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:20 | 回复:0
  • CVE-2022-23227
    CVE-2022-23227
    NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import_user.php authenticatio ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:26 | 回复:0
  • CVE-2022-0224
    CVE-2022-0224
    dolibarr is vulnerable to Improper Neutralization of Special Elements used in an SQL Command……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:26 | 回复:0
  • CVE-2021-45468
    CVE-2021-45468
    Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use Content-Encoding: gzip to evade WAF security controls and send malicious HTTP POST requests to w ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:25 | 回复:0
  • CVE-2021-36736
    CVE-2021-36736
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:23 | 回复:0
  • CVE-2021-36735
    CVE-2021-36735
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:25 | 回复:0
  • CVE-2021-36734
    CVE-2021-36734
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:05 | 阅读:23 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap