• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

漏洞

RSS

下级分类:

  • CVE-2021-25470
    CVE-2021-25470
    An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:31 | 回复:0
  • CVE-2021-25469
    CVE-2021-25469
    A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:27 | 回复:0
  • CVE-2021-25468
    CVE-2021-25468
    A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:44 | 回复:0
  • CVE-2021-25467
    CVE-2021-25467
    Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded li ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:47 | 回复:0
  • CVE-2021-38925
    CVE-2021-38925
    IBM Sterling B2B Integrator Standard Edition 5.2.0. 0 through 6.1.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-For ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:53 | 回复:0
  • CVE-2021-29903
    CVE-2021-29903
    IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 6.1.1.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to vi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:29 | 回复:0
  • CVE-2021-29855
    CVE-2021-29855
    IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alteri ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:27 | 回复:0
  • CVE-2021-29837
    CVE-2021-29837
    IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:23 | 回复:0
  • CVE-2021-29836
    CVE-2021-29836
    IBM Sterling B2B Integrator Standard Edition 5.2.0.0. through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alter ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:25 | 回复:0
  • CVE-2021-29798
    CVE-2021-29798
    IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.1.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to vi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:16 | 回复:0
  • CVE-2021-29764
    CVE-2021-29764
    IBM Sterling B2B Integrator 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the int ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:22 | 回复:0
  • CVE-2021-29761
    CVE-2021-29761
    IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain sensitive information from the dashboard that they should not have access to. IBM X-For ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:23 | 回复:0
  • CVE-2021-29760
    CVE-2021-29760
    IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to download unauthorized files through the dashboard user interface. IBM X-Force ID: 202213.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:25 | 回复:0
  • CVE-2021-29758
    CVE-2021-29758
    IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to perform actions that they should not be able to access due to improper access controls. IBM X- ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:19 | 回复:0
  • CVE-2021-39351
    CVE-2021-39351
    The WP Bannerize WordPress plugin is vulnerable to authenticated SQL injection via the id parameter found in the ~/Classes/wpBannerizeAdmin.php file which allows attackers to exfiltrate sensitive info ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:17 | 回复:0
  • CVE-2021-39350
    CVE-2021-39350
    The FV Flowplayer Video Player WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the player_id parameter found in the ~/view/stats.php file which allows attackers to inject arbitrar ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:24 | 回复:0
  • CVE-2021-20264
    CVE-2021-20264
    An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and es ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:26 | 回复:0
  • CVE-2021-0695
    CVE-2021-0695
    In get_sock_stat of xt_qtaguid.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with User execution privileges needed. User interactio ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:17 | 回复:0
  • CVE-2021-0693
    CVE-2021-0693
    In openFile of HeapDumpProvider.java, there is a possible way to retrieve generated heap dumps from debuggable apps due to an unprotected provider. This could lead to local information disclosure with ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:20 | 回复:0
  • CVE-2021-0692
    CVE-2021-0692
    In sendBroadcastToInstaller of FirstScreenBroadcast.java, there is a possible activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execut ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:35 | 回复:0
  • CVE-2021-0691
    CVE-2021-0691
    In the SELinux policy configured in system_app.te, there is a possible way for system_app to gain code execution in other processes due to an overly-permissive SELinux policy. This could lead to local ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:38 | 回复:0
  • CVE-2021-0690
    CVE-2021-0690
    In ih264d_mark_err_slice_skip of ih264d_parse_pslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execu ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:32 | 回复:0
  • CVE-2021-0689
    CVE-2021-0689
    In RGB_to_BGR1_portable of SkSwizzler_opts.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privile ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:34 | 回复:0
  • CVE-2021-0688
    CVE-2021-0688
    In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User inte ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:29 | 回复:0
  • CVE-2021-0687
    CVE-2021-0687
    In ellipsize of Layout.java, there is a possible ANR due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is ne ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:34 | 回复:0
  • CVE-2021-0686
    CVE-2021-0686
    In getDefaultSmsPackage of RoleManagerService.java, there is a possible way to get information about the default sms app of a different device user due to a missing permission check. This could lead t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:44 | 回复:0
  • CVE-2021-0685
    CVE-2021-0685
    In ParsedIntentInfo of ParsedIntentInfo.java, there is a possible parcel serialization/deserialization mismatch due to unsafe deserialization. This could lead to local escalation of privilege with no ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:32 | 回复:0
  • CVE-2021-0684
    CVE-2021-0684
    In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privil ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:26 | 回复:0
  • CVE-2021-0683
    CVE-2021-0683
    In runTraceIpcStop of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. This could lead to local escalation of privilege with no additional execu ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:33 | 回复:0
  • CVE-2021-0682
    CVE-2021-0682
    In sendAccessibilityEvent of NotificationManagerService.java, there is a possible disclosure of notification data due to a missing permission check. This could lead to local information disclosure wit ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:17 | 回复:0
  • CVE-2021-0681
    CVE-2021-0681
    In system properties, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:36 | 回复:0
  • CVE-2021-0680
    CVE-2021-0680
    In system properties, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:20 | 回复:0
  • CVE-2021-0644
    CVE-2021-0644
    In conditionallyRemoveIdentifiers of SubscriptionController.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information dis ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:21 | 回复:0
  • CVE-2021-0636
    CVE-2021-0636
    When extracting the incorrectly formatted avi file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed. This problem may lead to ha ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:19 | 回复:0
  • CVE-2021-0635
    CVE-2021-0635
    When extracting the incorrectly formatted flv file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed. This problem may lead to ha ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:26 | 回复:0
  • CVE-2021-0598
    CVE-2021-0598
    In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User ex ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:39 | 回复:0
  • CVE-2021-0595
    CVE-2021-0595
    In lockAllProfileTasks of RootWindowContainer.java, there is a possible way to access the work profile without the profile PIN, after logging in. This could lead to local escalation of privilege with ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:29 | 回复:0
  • CVE-2021-28702
    CVE-2021-28702
    PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, RMRR). These are typically us ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:33 | 回复:0
  • CVE-2020-19003
    CVE-2020-19003
    An issue in Gate One 1.2.0 allows attackers to bypass to the verification check done by the origins list and connect to Gate One instances used by hosts not on the origins list.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:23 | 回复:0
  • CVE-2021-3848
    CVE-2021-3848
    An arbitrary file creation by privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1, and Worry-Free Business Security Services could ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:09 | 阅读:24 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap