• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

漏洞

RSS

下级分类:

  • CVE-2021-30723
    CVE-2021-30723
    An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 an ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:25 | 回复:0
  • CVE-2021-30722
    CVE-2021-30722
    An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An attacker ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:18 | 回复:0
  • CVE-2021-30721
    CVE-2021-30721
    A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An attacker in a privileged ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:27 | 回复:0
  • CVE-2021-30720
    CVE-2021-30720
    A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to a ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:34 | 回复:0
  • CVE-2021-28701
    CVE-2021-28701
    Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:37 | 回复:0
  • CVE-2021-28581
    CVE-2021-28581
    Adobe Creative Cloud Desktop 3.5 (and earlier) is affected by an uncontrolled search path vulnerability that could result in elevation of privileges. Exploitation of this issue requires user interacti ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:42 | 回复:0
  • CVE-2021-28580
    CVE-2021-28580
    Medium by Adobe version 2.4.5.331 (and earlier) is affected by a buffer overflow vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve rem ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:43 | 回复:0
  • CVE-2021-36695
    CVE-2021-36695
    Deskpro cloud and on-premise Deskpro 2021.1.6 and fixed in Deskpro 2021.1.7 contains a cross-site scripting (XSS) vulnerability in the download file feature on a manager profile due to lack of input v ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:39 | 回复:0
  • CVE-2021-1972
    CVE-2021-1972
    Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IO ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:46 | 回复:0
  • CVE-2021-1930
    CVE-2021-1930
    Possible out of bounds read due to incorrect validation of incoming buffer length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, S ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:36 | 回复:0
  • CVE-2021-1929
    CVE-2021-1929
    Lack of strict validation of bootmode can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:41 | 回复:0
  • CVE-2021-1928
    CVE-2021-1928
    Buffer over read could occur due to incorrect check of buffer size while flashing emmc devices in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdr ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:49 | 回复:0
  • CVE-2021-1923
    CVE-2021-1923
    Incorrect pointer argument passed to trusted application TA could result in un-intended memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:36 | 回复:0
  • CVE-2021-1920
    CVE-2021-1920
    Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapd ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:34 | 回复:0
  • CVE-2021-1919
    CVE-2021-1919
    Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indu ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:48 | 回复:0
  • CVE-2021-1916
    CVE-2021-1916
    Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:33 | 回复:0
  • CVE-2021-1914
    CVE-2021-1914
    Loop with unreachable exit condition may occur due to improper handling of unsupported input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indust ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:34 | 回复:0
  • CVE-2021-1904
    CVE-2021-1904
    Child process can leak information from parent process due to numeric pids are getting compared and these pid can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:37 | 回复:0
  • CVE-2020-11301
    CVE-2020-11301
    Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Co ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:39 | 回复:0
  • CVE-2020-11264
    CVE-2020-11264
    Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Sna ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:53 | 回复:0
  • CVE-2021-40377
    CVE-2021-40377
    SmarterTools SmarterMail 16.x before build 7866 has stored XSS. The application fails to sanitize email content, thus allowing one to inject HTML and/or JavaScript into a page that will then be proces ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:54 | 回复:0
  • CVE-2021-36182
    CVE-2021-36182
    A Improper neutralization of special elements used in a command ('Command Injection') in Fortinet FortiWeb version 6.3.13 and below allows attacker to execute unauthorized code or commands via ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:34 | 回复:0
  • CVE-2021-36179
    CVE-2021-36179
    A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute unauthorized code or commands via crafted parameters in CLI command execution……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:42 | 回复:0
  • CVE-2021-23404
    CVE-2021-23404
    This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:47 | 回复:0
  • CVE-2020-29012
    CVE-2020-29012
    An insufficient session expiration vulnerability in FortiSandbox versions 3.2.1 and below may allow an attacker to reuse the unexpired admin user session IDs to gain information about other users conf ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:42 | 回复:0
  • CVE-2021-39122
    CVE-2021-39122
    Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view users' emails via an Information Disclosure vulnerability in the /rest/api/2/search endpoint. Th ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:52 | 回复:0
  • CVE-2021-39121
    CVE-2021-39121
    Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to enumerate the keys of private Jira projects via an Information Disclosure vulnerability in the /rest/ ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:81 | 回复:0
  • CVE-2021-39116
    CVE-2021-39116
    Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the GIF Image Reader compo ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:26 | 回复:0
  • CVE-2020-19855
    CVE-2020-19855
    phpwcms v1.9 contains a cross-site scripting (XSS) vulnerability in /image_zoom.php.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:21 | 回复:0
  • CVE-2020-19853
    CVE-2020-19853
    BlueCMS v1.6 contains a SQL injection vulnerability via /ad_js.php.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:19 | 回复:0
  • CVE-2021-37145
    CVE-2021-37145
    ** UNSUPPORTED WHEN ASSIGNED ** A command-injection vulnerability in an authenticated Telnet connection in Poly (formerly Polycom) CX5500 and CX5100 1.3.5 leads an attacker to Privilege Escalation and ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:19 | 回复:0
  • CVE-2021-32802
    CVE-2021-32802
    Nextcloud server is an open source, self hosted personal cloud. Nextcloud supports rendering image previews for user provided file content. For some image types, the Nextcloud server was invoking a th ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:34 | 回复:0
  • CVE-2021-32801
    CVE-2021-32801
    Nextcloud server is an open source, self hosted personal cloud. In affected versions logging of exceptions may have resulted in logging potentially sensitive key material for the Nextcloud Encryption- ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:16 | 回复:0
  • CVE-2021-32800
    CVE-2021-32800
    Nextcloud server is an open source, self hosted personal cloud. In affected versions an attacker is able to bypass Two Factor Authentication in Nextcloud. Thus knowledge of a password, or access to a ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:31 | 回复:0
  • CVE-2020-19769
    CVE-2020-19769
    A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:24 | 回复:0
  • CVE-2020-19768
    CVE-2020-19768
    A lack of target address verification in the selfdestructs() function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:18 | 回复:0
  • CVE-2020-19767
    CVE-2020-19767
    A lack of target address verification in the destroycontract() function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:15 | 回复:0
  • CVE-2020-19766
    CVE-2020-19766
    The time check operation of PepeAuctionSale 1.0 can be rendered ineffective by assigning a large number to the _duration variable, compromising access control to the application.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:24 | 回复:0
  • CVE-2020-19765
    CVE-2020-19765
    An issue in the noReentrance() modifier of the Ethereum-based contract Accounting 1.0 allows attackers to carry out a reentrancy attack.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:23 | 回复:0
  • CVE-2021-39501
    CVE-2021-39501
    EyouCMS 1.5.4 is vulnerable to Open Redirect. An attacker can redirect a user to a malicious url via the Logout function.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:39 | 阅读:22 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap