漏洞 - 第490页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2020-18985

An issue in /domain/service/.ewell-known/caldav of Zimbra Collaboration 8.8.12 allows attackers to redirect users to any arbitrary website of their choosing.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：26 | 回复：0
CVE漏洞

CVE-2020-18984

A reflected cross-site scripting (XSS) vulnerability in the zimbraAdmin/public/secureRequest.jsp component of Zimbra Collaboration 8.8.12 allows unauthenticated attackers to execute arbitrary web scri ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-44116

Cross Site Scripting (XSS) vulnerability exits in Anchor CMS =0.12.7 in posts.php. Attackers can use the posts column to upload the title and content containing malicious code to achieve the purpose o ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-4119

bookstack is vulnerable to Improper Access Control……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-45078

stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-43836

Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions an attacker can read arbitrary local files via a PHP file include. In a default configuration ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-43835

Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions Sulu users who have access to any subset of the admin UI are able to elevate their privilege. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-43831

Gradio is an open source framework for building interactive machine learning models and demos. In versions prior to 2.5.0 there is a vulnerability that affects anyone who creates and publicly shares G ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-43806

Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly user settings when constructing the SQ ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：53 | 回复：0
CVE漏洞

CVE-2021-43782

Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. This is a follow up to GHSA-887w-pv2r-x8pm/CVE-2021-41276, the initial fix was incomplete. Tu ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：62 | 回复：0
CVE漏洞

CVE-2021-41276

Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly the search filter built from the ldap_ ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：43 | 回复：0
CVE漏洞

CVE-2021-35490

Thruk before 2.44 allows XSS for a quick command.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：53 | 回复：0
CVE漏洞

CVE-2021-29847

BMC firmware (IBM Power System S821LC Server (8001-12C) OP825.50) configuration changed to allow an authenticated user to open an insecure communication channel which could allow an attacker to obtain ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：41 | 回复：0
CVE漏洞

CVE-2021-27859

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows an authenticated, remote attacker w ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：60 | 回复：0
CVE漏洞

CVE-2021-27858

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote attacker to access at leas ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：53 | 回复：0
CVE漏洞

CVE-2021-27857

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, unauthenticated attacker ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：43 | 回复：0
CVE漏洞

CVE-2021-27856

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 includes an account named cmuser that has administrative privileges and no password. Older versions of FatPipe soft ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：41 | 回复：0
CVE漏洞

CVE-2021-27855

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, authenticated attacker with read-only privileges to grant themselves administrative privileges. Ol ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：48 | 回复：0
CVE漏洞

CVE-2021-43935

The impacted products, when configured to use SSO, are affected by an improper authentication vulnerability. This vulnerability allows the application to accept manual entry of any active directory (A ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：43 | 回复：0
CVE漏洞

CVE-2021-39657

In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges ne ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-39656

In __configfs_open_file of file.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. U ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：54 | 回复：0
CVE漏洞

CVE-2021-39655

Product: AndroidVersions: Android kernelAndroid ID: A-192641593References: N/A……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：52 | 回复：0
CVE漏洞

CVE-2021-39653

In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing warning to the user. This could lead to local escalation of privilege after preparing the device, hiding ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-39652

In sec_ts_parsing_cmds of (TBD), there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. Use ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：47 | 回复：0
CVE漏洞

CVE-2021-39651

In TBD of TBD, there is a possible way to access PIN protected settings bypassing PIN confirmation due to a missing permission check. This could lead to local escalation of privilege with no additiona ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：41 | 回复：0
CVE漏洞

CVE-2021-39650

In (TBD) of (TBD), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：56 | 回复：0
CVE漏洞

CVE-2021-39649

In regmap_exit of regmap.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User int ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：40 | 回复：0
CVE漏洞

CVE-2021-39648

In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privilege ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-39647

In mon_smc_load_sp of gs101-sc/plat/samsung/exynos/soc/exynos9845/smc_booting.S, there is a possible reinitialization of TEE due to improper locking. This could lead to local information disclosure wi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-39646

Product: AndroidVersions: Android kernelAndroid ID: A-201537251References: N/A……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-39645

Product: AndroidVersions: Android kernelAndroid ID: A-199805112References: N/A……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-39644

Product: AndroidVersions: Android kernelAndroid ID: A-199809304References: N/A……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-39643

In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of defense-in-depth due to missing validation of the return value. This could lead to local escalation of privil ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：47 | 回复：0
CVE漏洞

CVE-2021-39642

In synchronous_process_io_entries of lwis_ioctl.c, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges ne ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-39641

Product: AndroidVersions: Android kernelAndroid ID: A-126949257References: N/A……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-39640

In __dwc3_gadget_ep0_queue of ep0.c, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. U ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-39639

In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check. This could lead to local escalation of privilege with physical access to device internals with no add ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：43 | 回复：0
CVE漏洞

CVE-2021-39638

In periodic_io_work_func of lwis_periodic_io.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges neede ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-39637

In CreateDeviceInfo of trusty_remote_provisioning_context.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System executi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-39636

In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel information due to uninitialized data. This could lead to local information disclosure with system execution ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:39 | 阅读：34 | 回复：0