漏洞 - 第386页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-25001

The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_create_products_xml_result parameter before outputting back in the admin dashboard when the Product XML F ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-25000

The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_delete_role parameter before outputting back in the admin dashboard when the General module is enabled, l ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-24999

The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_notice parameter before outputting it back in the admin dashboard when the Pdf Invoicing module is enable ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：4 | 回复：0
CVE漏洞

CVE-2021-24991

The WooCommerce PDF Invoices Packing Slips WordPress plugin before 2.10.5 does not escape the tab and section parameters before outputting it back in an attribute, leading to a Reflected Cross-Site S ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-24973

The Site Reviews WordPress plugin before 5.17.3 does not sanitise and escape the site-reviews parameter of the glsr_action AJAX action (available to unauthenticated and any authenticated users), allow ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-24964

The LiteSpeed Cache WordPress plugin before 4.4.4 does not properly verify that requests are coming from QUIC.cloud servers, allowing attackers to make requests to certain endpoints by using a specifi ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-24963

The LiteSpeed Cache WordPress plugin before 4.4.4 does not escape the qc_res parameter before outputting it back in the JS code of an admin page, leading to a Reflected Cross-Site Scripting……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-24893

The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the comments section, or pending comment dash ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：4 | 回复：0
CVE漏洞

CVE-2021-24831

All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated and authenticated users, allowing unauthenticated attackers to modify various data in the plugin, such a ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-24828

The Mortgage Calculator / Loan Calculator WordPress plugin before 1.5.17 does not escape the some of the attributes of its mlcalc shortcode before outputting them, which could allow users with a role ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-24786

The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the orderby GET parameter before using it in a SQL statement when viewing the logs, leading to an SQL Injection ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-24680

The WP Travel Engine WordPress plugin before 5.3.1 does not escape the Description field in the Trip Destination/Activities/Trip Type and Pricing Category pages, allowing users with a role as low as e ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-45917

The server-request receiver function of Shockwall system has an improper authentication vulnerability. An authenticated attacker of an agent computer within the local area network can use the local re ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-45916

The programming function of Shockwall system has an improper input validation vulnerability. An authenticated attacker within the local area network can send malicious response to the server to disrup ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-44158

ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code ex ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：4 | 回复：0
CVE漏洞

CVE-2021-35093

Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service in BlueCore……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-30351

An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Co ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-30348

Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snap ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-30337

Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consum ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：4 | 回复：0
CVE漏洞

CVE-2021-30336

Possible out of bound read due to lack of domain input validation while processing APK close session request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-30335

Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：4 | 回复：0
CVE漏洞

CVE-2021-30303

Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Conn ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-30298

Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon I ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-30293

Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-30289

Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snap ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-30283

Possible denial of service due to improper handling of debug register trap from user applications in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-30282

Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-30279

Possible access control violation while setting current permission for VMIDs due to improper permission masking in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indu ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-30278

Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:58 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-30276

Improper access control while doing XPU re-configuration dynamically can lead to unauthorized access to a secure resource in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapd ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:57 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-30275

Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer I ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:57 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-30274

Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IO ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:57 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-30273

Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:57 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-30272

Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consume ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:57 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-30271

Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Elect ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:57 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-30270

Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:57 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-30269

Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:57 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-30268

Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Sna ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:57 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-30267

Possible integer overflow to buffer overflow due to improper input validation in FTM ARA commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon I ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:57 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-30262

Improper validation of a socket state when socket events are being sent to clients can lead to invalid access of memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Cons ...……

作者：菜鸟教程小白 | 时间：2022-6-22 21:57 | 阅读：11 | 回复：0