漏洞 - 第529页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-38972

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the d ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-4146

IBM Security SiteProtector System 3.1.1 could allow a remote attacker to obtain sensitive information, caused by missing 'HttpOnly' flag. A remote attacker could exploit this vulnerability to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：22 | 回复：0
CVE漏洞

CVE-2020-4140

IBM Security SiteProtector System 3.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-43493

ServerManagement master branch as of commit 49491cc6f94980e6be7791d17be947c27071eb56 is affected by a directory traversal vulnerability. This vulnerability can be used to extract credentials which can ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-43492

AlquistManager branch as of commit 280d99f43b11378212652e75f6f3159cde9c1d36 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-43496

Clustering master branch as of commit 53e663e259bcfc8cdecb56c0bb255bd70bfcaa70 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywh ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-43494

OpenCV-REST-API master branch as of commit 69be158c05d4dd5a4aff38fdc680a162dd6b9e49 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-3934

ohmyzsh is vulnerable to Improper Neutralization of Special Elements used in an OS Command……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-43578

Jenkins Squash TM Publisher (Squash4Jenkins) Plugin 1.0.0 and earlier implements an agent-to-controller message that does not implement any validation of its input, allowing attackers able to control ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-43577

Jenkins OWASP Dependency-Check Plugin 5.1.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-43576

Jenkins pom2config Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks, allowing attackers with Overall/Read and Item/Read permissions to have Jenkins ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-21701

Jenkins Performance Plugin 3.20 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-21700

Jenkins Scriptler Plugin 3.3 and earlier does not escape the name of scripts on the UI when asking to confirm their deletion, resulting in a stored cross-site scripting (XSS) vulnerability exploitable ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-21699

Jenkins Active Choices Plugin 2.5.6 and earlier does not escape the parameter name of reactive parameters and dynamic reference parameters, resulting in a stored cross-site scripting (XSS) vulnerabili ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-30321

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：40 | 回复：0
CVE漏洞

CVE-2021-30284

Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-30266

Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-30265

Possible memory corruption due to improper validation of memory address while processing user-space IOCTL for clearing Filter and Route statistics in Snapdragon Auto, Snapdragon Compute, Snapdragon Co ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-30264

Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Sna ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-30263

Possible race condition can occur due to lack of synchronization mechanism when On-Device Logging node open twice concurrently in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snap ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-30259

Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, S ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-30255

Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-30254

Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdra ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-1982

Possible denial of service scenario due to improper input validation of received NAS OTA message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon In ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：41 | 回复：0
CVE漏洞

CVE-2021-1981

Possible buffer over read due to improper IE size check of Bearer capability IE in MT setup request from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IO ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-1979

Possible buffer overflow due to improper validation of FTM command payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrag ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-1975

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indust ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-1973

A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-1924

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Con ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-1921

Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-1912

Possible integer overflow can occur due to improper length check while calculating count and grace period in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Sn ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-1903

Possible denial of service scenario can occur due to lack of length check on Channel Switch Announcement IE in beacon or probe response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connect ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-42775

Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a vulnerability in the remote firmware download fea ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-42774

Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote firmw ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-42773

Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, could allow a user to retrieve an arbitrary file from a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-37910

ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users' conne ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-34422

The Keybase Client for Windows before version 5.7.0 contains a path traversal vulnerability when checking the name of a file uploaded to a team folder. A malicious user could upload a file to a shared ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-34421

The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-34420

The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. This could lead to a malicious actor insta ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-34419

In the Zoom Client for Meetings for Ubuntu Linux before version 5.1.0, there is an HTML injection flaw when sending a remote control request to a user in the process of in-meeting screen sharing. This ...……

作者：菜鸟教程小白 | 时间：2022-2-5 12:33 | 阅读：11 | 回复：0