漏洞 - 第497页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-0931

In getAlias of BluetoothDevice.java, there is a possible way to create misleading permission dialogs due to missing data filtering. This could lead to local information disclosure with User execution ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-0930

In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execut ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：45 | 回复：0
CVE漏洞

CVE-2021-0929

In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional exe ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-0928

In createFromParcel of OutputConfiguration.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege wi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-0927

In requestChannelBrowsable of TvInputManagerService.java, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional ex ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-0926

In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user's consent due to a missing permission check. This could lead to local escalation of privilege with ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：48 | 回复：0
CVE漏洞

CVE-2021-0925

In rw_t4t_sm_detect_ndef of rw_t4t.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure due to a limited change in behavior bas ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-0924

In xhci_vendor_get_ops of xhci.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-0923

In createOrUpdate of Permission.java, there is a possible way to gain internal permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execut ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-0922

In enforceCrossUserOrProfilePermission of PackageManagerService.java, there is a possible bypass of INTERACT_ACROSS_PROFILES permission due to a missing permission check. This could lead to local esca ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：57 | 回复：0
CVE漏洞

CVE-2021-0921

In ParsingPackageImpl of ParsingPackageImpl.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege w ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：50 | 回复：0
CVE漏洞

CVE-2021-0920

In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interact ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：52 | 回复：0
CVE漏洞

CVE-2021-0919

In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. This could lead to local denial of service making the lockscreen unusable with no additional e ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：37 | 回复：0
CVE漏洞

CVE-2021-0918

In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-0904

In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is n ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：37 | 回复：0
CVE漏洞

CVE-2021-0889

In Android TV , there is a possible silent pairing due to lack of rate limiting in the pairing flow. This could lead to remote code execution with no additional execution privileges needed. User inter ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-0799

In ActivityThread.java, there is a possible way to collide the content provider's authorities. This could lead to local escalation of privilege with no additional execution privileges needed. User ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：64 | 回复：0
CVE漏洞

CVE-2021-0769

In onCreate of AllowBindAppWidgetActivity.java, there is a possible bypass of user interaction requirements due to unclear UI. This could lead to local escalation of privilege with no additional execu ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-0704

In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java, there is a possible way to retrieve accounts from the device without permissions due to a permissions ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-0675

In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interac ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-0653

In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosur ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-0650

In WT_InterpolateNoLoop of eas_wtengine.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privil ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：40 | 回复：0
CVE漏洞

CVE-2021-0649

In stopVpnProfile of Vpn.java, there is a possible VPN profile reset due to a permissions bypass. This could lead to local escalation of privilege CONTROL_ALWAYS_ON_VPN with no additional execution pr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-0434

In onReceive of BluetoothPermissionRequest.java, there is a possible phishing attack allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the use ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-42216

A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：52 | 回复：0
CVE漏洞

CVE-2021-44655

Online Pre-owned/Used Car Showroom Management System 1.0 contains a SQL injection authentication bypass vulnerability. Admin panel authentication can be bypassed due to SQL injection vulnerability in ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：55 | 回复：0
CVE漏洞

CVE-2021-44653

Online Magazine Management System 1.0 contains a SQL injection authentication bypass vulnerability. The Admin panel authentication can be bypassed due to SQL injection vulnerability in the login form ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-43675

Lychee-v3 3.2.16 is affected by a Cross Site Scripting (XSS) vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will cont ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：57 | 回复：0
CVE漏洞

CVE-2021-4117

yetiforcecrm is vulnerable to Business Logic Errors……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：37 | 回复：0
CVE漏洞

CVE-2021-44657

In StackStorm versions prior to 3.6.0, the jinja interpreter was not run in sandbox mode and thus allows execution of unsafe system commands. Jinja does not enable sandboxed mode by default due to bac ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-43908

Visual Studio Code Spoofing Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-43907

Visual Studio Code WSL Extension Remote Code Execution Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-43905

Microsoft Office app Remote Code Execution Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-43899

Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-43896

Microsoft PowerShell Spoofing Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-43893

Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-43892

Microsoft BizTalk ESB Toolkit Spoofing Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：47 | 回复：0
CVE漏洞

CVE-2021-43891

Visual Studio Code Remote Code Execution Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：54 | 回复：0
CVE漏洞

CVE-2021-43890

Windows AppX Installer Spoofing Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-43889

Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-41365, CVE-2021-42310, CVE-2021-42311, CVE-2021-42313, CVE-2021-42314, CVE-2021-42315, CVE-2021-43882 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:38 | 阅读：24 | 回复：0