• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2021-40327
    CVE漏洞
    CVE-2021-40327
    Trusted Firmware-M (TF-M) 1.4.0, when Profile Small is used, has incorrect access control. NSPE can access a secure key (held by the Crypto service) based solely on knowledge of its key ID. For exampl ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:7 | 回复:0
  • CVE-2021-45806
    CVE漏洞
    CVE-2021-45806
    jpress v4.2.0 admin panel provides a function through which attackers can modify the template and inject some malicious code.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:7 | 回复:0
  • CVE-2021-23514
    CVE漏洞
    CVE-2021-23514
    This affects the package Crow before 0.3+4. It is possible to traverse directories to fetch arbitrary files from the server.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:7 | 回复:0
  • CVE-2021-30353
    CVE漏洞
    CVE-2021-30353
    Improper validation of function pointer type with actual function signature can lead to assertion in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon I ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2021-30330
    CVE漏洞
    CVE-2021-30330
    Possible null pointer dereference due to improper validation of APE clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:9 | 回复:0
  • CVE-2021-30319
    CVE漏洞
    CVE-2021-30319
    Possible integer overflow due to improper validation of command length parameters while processing WMI command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Elec ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2021-30314
    CVE漏洞
    CVE-2021-30314
    Lack of validation for third party application accessing the service can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdr ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:7 | 回复:0
  • CVE-2021-30313
    CVE漏洞
    CVE-2021-30313
    Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consume ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:7 | 回复:0
  • CVE-2021-30311
    CVE漏洞
    CVE-2021-30311
    Possible heap overflow due to lack of index validation before allocating and writing to heap buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdrag ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:7 | 回复:0
  • CVE-2021-30308
    CVE漏洞
    CVE-2021-30308
    Possible buffer overflow while printing the HARQ memory partition detail due to improper validation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:7 | 回复:0
  • CVE-2021-30307
    CVE漏洞
    CVE-2021-30307
    Possible denial of service due to improper validation of DNS response when DNS client requests with PTR, NAPTR or SRV query type in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdr ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:7 | 回复:0
  • CVE-2021-30301
    CVE漏洞
    CVE-2021-30301
    Possible denial of service due to out of memory while processing RRC and NAS OTA message in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:7 | 回复:0
  • CVE-2021-30300
    CVE漏洞
    CVE-2021-30300
    Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Co ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:7 | 回复:0
  • CVE-2021-30287
    CVE漏洞
    CVE-2021-30287
    Possible assertion due to improper validation of symbols configured for PDCCH monitoring in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:7 | 回复:0
  • CVE-2021-30285
    CVE漏洞
    CVE-2021-30285
    Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:7 | 回复:0
  • CVE-2022-22113
    CVE漏洞
    CVE-2022-22113
    In DayByDay CRM, versions 2.2.0 through 2.2.1 (latest) are vulnerable to Insufficient Session Expiration. When a password has been changed by the user or by an administrator, a user that was already l ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:7 | 回复:0
  • CVE-2022-22112
    CVE漏洞
    CVE-2022-22112
    In DayByDay CRM, versions 1.1 through 2.2.1 (latest) suffer from an application-wide Client-Side Template Injection (CSTI). A low privileged attacker can input template injection payloads in the appli ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:7 | 回复:0
  • CVE-2022-0198
    CVE漏洞
    CVE-2022-0198
    corenlp is vulnerable to Improper Restriction of XML External Entity Reference……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2022-0197
    CVE漏洞
    CVE-2022-0197
    phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF)……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2022-0196
    CVE漏洞
    CVE-2022-0196
    phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF)……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:7 | 回复:0
  • CVE-2021-43860
    CVE漏洞
    CVE-2021-43860
    Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app a ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:9 | 回复:0
  • CVE-2021-40566
    CVE漏洞
    CVE-2021-40566
    A Segmentation fault casued by heap use after free vulnerability exists in Gpac through 1.0.1 via the mpgviddmx_process function in reframe_mpgvid.c when using mp4box, which causes a denial of service ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:9 | 回复:0
  • CVE-2021-40565
    CVE漏洞
    CVE-2021-40565
    A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in av_parsers.c when using mp4box, which causes a denial of serv ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:9 | 回复:0
  • CVE-2021-40564
    CVE漏洞
    CVE-2021-40564
    A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:9 | 回复:0
  • CVE-2021-40563
    CVE漏洞
    CVE-2021-40563
    A Segmentation fault exists casued by null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config function in reframe_nalu.c when using mp4box, which causes a denia ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:11 | 回复:0
  • CVE-2021-40562
    CVE漏洞
    CVE-2021-40562
    A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:11 | 回复:0
  • CVE-2021-40559
    CVE漏洞
    CVE-2021-40559
    A null pointer deference vulnerability exists in gpac through 1.0.1 via the naludmx_parse_nal_avc function in reframe_nalu, which allows a denail of service.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:13 | 回复:0
  • CVE-2021-37530
    CVE漏洞
    CVE-2021-37530
    A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:14 | 回复:0
  • CVE-2021-37529
    CVE漏洞
    CVE-2021-37529
    A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent).……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:14 | 回复:0
  • CVE-2022-23118
    CVE漏洞
    CVE-2022-23118
    Jenkins Debian Package Builder Plugin 1.6.11 and earlier implements functionality that allows agents to invoke command-line `git` at an attacker-specified path on the controller, allowing attackers ab ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:16 | 回复:0
  • CVE-2022-23117
    CVE漏洞
    CVE-2022-23117
    Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to retrieve all username/password credentials stored on the Jenkins contr ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:16 | 回复:0
  • CVE-2022-23116
    CVE漏洞
    CVE-2022-23116
    Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:18 | 回复:0
  • CVE-2022-23115
    CVE漏洞
    CVE-2022-23115
    Cross-site request forgery (CSRF) vulnerabilities in Jenkins batch task Plugin 1.19 and earlier allows attackers with Overall/Read access to retrieve logs, build or delete a batch task.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:15 | 回复:0
  • CVE-2022-23114
    CVE漏洞
    CVE-2022-23114
    Jenkins Publish Over SSH Plugin 1.22 and earlier stores password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins contr ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:25 | 回复:0
  • CVE-2022-23113
    CVE漏洞
    CVE-2022-23113
    Jenkins Publish Over SSH Plugin 1.22 and earlier performs a validation of the file name specifying whether it is present or not, resulting in a path traversal vulnerability allowing attackers with Ite ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:16 | 回复:0
  • CVE-2022-23112
    CVE漏洞
    CVE-2022-23112
    A missing permission check in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers with Overall/Read access to connect to an attacker-specified SSH server using attacker-specified credent ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:17 | 回复:0
  • CVE-2022-23111
    CVE漏洞
    CVE-2022-23111
    A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentia ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:16 | 回复:0
  • CVE-2022-23109
    CVE漏洞
    CVE-2022-23109
    Jenkins HashiCorp Vault Plugin 3.7.0 and earlier does not mask Vault credentials in Pipeline build logs or in Pipeline step descriptions when Pipeline: Groovy Plugin 2.85 or later is installed.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:16 | 回复:0
  • CVE-2022-23108
    CVE漏洞
    CVE-2022-23108
    Jenkins Badge Plugin 1.9 and earlier does not escape the description and does not check for allowed protocols when creating a badge, resulting in a stored cross-site scripting (XSS) vulnerability expl ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:14 | 回复:0
  • CVE-2022-23107
    CVE漏洞
    CVE-2022-23107
    Jenkins Warnings Next Generation Plugin 9.10.2 and earlier does not restrict the name of a file when configuring custom ID, allowing attackers with Item/Configure permission to write and read specific ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:14 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap