Vulnerabilities

Subcategories:

  • CVE-2021-36717
    Synerion TimeNet version 9.21 contains a directory traversal vulnerability where, on the Name parameter, the attacker can return to the root directory and open the host file. This might give the attac ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 19 | Replies: 0
  • CVE-2020-7877
    A buffer overflow issue was discovered in ZOOK solution(remote administration tool) through processing 'ConnectMe' command while parsing a crafted OUTERIP value because of missing boundary che ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 19 | Replies: 0
  • CVE-2021-36696
    Deskpro cloud and on-premise Deskpro 2021.1.6 and fixed in Deskpro 2021.1.7 contains a cross-site scripting (XSS) vulnerability in social media links on a user profile due to lack of input validation.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 27 | Replies: 0
  • CVE-2021-36163
    In Apache Dubbo, users may choose to use the Hessian protocol. The Hessian protocol is implemented on top of HTTP and passes the body of a POST request directly to a HessianSkeleton: New HessianSkelet ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 23 | Replies: 0
  • CVE-2021-36162
    Apache Dubbo supports various rules to support configuration override or traffic routing (called routing in Dubbo). These rules are loaded into the configuration center (eg: Zookeeper, Nacos, ...) and ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 13 | Replies: 0
  • CVE-2021-34149
    The Bluetooth Classic implementation on the Texas Instruments CC256XCQFN-EM does not properly handle the reception of continuous LMP_AU_Rand packets, allowing attackers in radio range to trigger a den ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 15 | Replies: 0
  • CVE-2021-34148
    The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 devices does not properly handle the reception of LMP_max_slot with a greater ACL Length after completio ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 25 | Replies: 0
  • CVE-2021-34147
    The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 does not properly handle the reception of a malformed LMP timing accuracy response followed by multiple ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 14 | Replies: 0
  • CVE-2021-34146
    The Bluetooth Classic implementation in the Cypress CYW920735Q60EVB does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denia ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 48 | Replies: 0
  • CVE-2021-34145
    The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 devices does not properly handle the reception of LMP_max_slot with an invalid Baseband packet type (and ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 15 | Replies: 0
  • CVE-2021-34143
    The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C_DEMO_V1.0 does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 11 | Replies: 0
  • CVE-2021-31786
    The Bluetooth Classic Audio implementation on Actions ATS2815 and ATS2819 devices does not properly handle a connection attempt from a host with the same BDAddress as the current connected BT host, al ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 11 | Replies: 0
  • CVE-2021-31785
    The Bluetooth Classic implementation on Actions ATS2815 and ATS2819 chipsets does not properly handle the reception of multiple LMP_host_connection_req packets, allowing attackers in radio range to tr ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 14 | Replies: 0
  • CVE-2021-31612
    The Bluetooth Classic implementation on Zhuhai Jieli AC690X devices does not properly handle the reception of an oversized LMP packet greater than 17 bytes during the LMP auto rate procedure, allowing ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 18 | Replies: 0
  • CVE-2021-31611
    The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle an out-of-order LMP Setup procedure that is followed by a malformed LMP packet, allowing attacke ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 5 | Replies: 0
  • CVE-2021-31610
    The Bluetooth Classic implementation on AB32VG1 devices does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 19 | Replies: 0
  • CVE-2021-31609
    The Bluetooth Classic implementation in Silicon Labs iWRAP 6.3.0 and earlier does not properly handle the reception of an oversized LMP packet greater than 17 bytes, allowing attackers in radio range ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 18 | Replies: 0
  • CVE-2021-28139
    The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly restrict the Feature Page upon reception of an LMP Feature Response Extended packet, allowing attackers in r ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 21 | Replies: 0
  • CVE-2021-39279
    Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 23 | Replies: 0
  • CVE-2021-39278
    Certain MOXA devices allow reflected XSS via the Config Import menu. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 21 | Replies: 0
  • CVE-2021-38841
    Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the system_info page in classes/SystemSettings.php with an update_settings action.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 13 | Replies: 0
  • CVE-2021-38840
    SQL Injection can occur in Simple Water Refilling Station Management System 1.0 via the water_refilling/classes/Login.php username parameter.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 17 | Replies: 0
  • CVE-2021-34150
    The Bluetooth Classic implementation on Bluetrum AB5301A devices with unknown firmware versions does not properly handle the reception of oversized DM1 LMP packets while no other BT connections are ac ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 28 | Replies: 0
  • CVE-2021-34144
    The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C BT SDK through 0.9.1 does not properly handle the reception of truncated LMP_SCO_Link_Request packets while no other BT connections are ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 26 | Replies: 0
  • CVE-2021-33831
    api/account/register in the TH Wildau COVID-19 Contact Tracing application through 2021-09-01 has Incorrect Access Control. An attacker can interfere with tracing of infection chains by creating 500 r ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 16 | Replies: 0
  • CVE-2021-31613
    The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle the reception of a truncated LMP packet during the LMP auto rate procedure, allowing attackers i ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 23 | Replies: 0
  • CVE-2021-28155
    The Bluetooth Classic implementation on JBL TUNE500BT devices does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of s ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 23 | Replies: 0
  • CVE-2021-28136
    The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing atta ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 28 | Replies: 0
  • CVE-2021-28135
    The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 22 | Replies: 0
  • CVE-2021-33484
    An issue was discovered in CommentsService.ashx in OnyakTech Comments Pro 3.8. An attacker can download a copy of the installer, decompile it, and discover a hardcoded IV used to encrypt the username ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 19 | Replies: 0
  • CVE-2021-33483
    An issue was discovered in CommentsService.ashx in OnyakTech Comments Pro 3.8. The comment posting functionality allows an attacker to add an XSS payload to the JSON request that will execute when use ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 23 | Replies: 0
  • CVE-2021-40540
    ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malformed HTTP requests.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 22 | Replies: 0
  • CVE-2021-40532
    Telegram Web K Alpha before 0.7.2 mishandles the characters in a document extension.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 17 | Replies: 0
  • CVE-2021-40531
    Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote c ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 18 | Replies: 0
  • CVE-2021-40530
    The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by th ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 18 | Replies: 0
  • CVE-2021-40529
    The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dang ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 30 | Replies: 0
  • CVE-2021-40528
    The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 24 | Replies: 0
  • CVE-2021-24006
    An improper access control vulnerability in FortiManager versions 6.4.0 to 6.4.3 may allow an authenticated attacker with a restricted user profile to access the SD-WAN Orchestrator panel via directly ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 18 | Replies: 0
  • CVE-2020-15939
    An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged attacker to download the device configuration f ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 31 | Replies: 0
  • CVE-2021-36096
    Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS A ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:39 | Views: 17 | Replies: 0
