漏洞 - 第705页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-38207

drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for ab ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-38206

The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-38205

drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-38204

drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in cert ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-38203

btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of fre ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-38202

fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is bein ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-38201

net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-38200

arch/powerpc/perf/core-book3s.c in the Linux kernel before 5.12.13, on systems with perf_event_paranoid=-1 and no specific PMU driver support registered, allows local users to cause a denial of servic ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：4 | 回复：0
CVE漏洞

CVE-2021-38199

fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arrang ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-38198

arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-38197

unarr.go in go-unarr (aka Go bindings for unarr) 0.1.1 allows Directory Traversal via ../ in a pathname within a TAR archive.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-23419

This affects the package open-graph before 0.2.6. The function parse could be tricked into adding or modifying properties of Object.prototype using a __proto__ or constructor payload.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-38196

An issue was discovered in the better-macro crate through 2021-07-22 for Rust. It intentionally demonstrates that remote attackers can execute arbitrary code via proc-macros, and otherwise has no legi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-38195

An issue was discovered in the libsecp256k1 crate before 0.5.0 for Rust. It can verify an invalid signature because it allows the R or S parameter to be larger than the curve order, aka an overflow.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-38194

An issue was discovered in the ark-r1cs-std crate before 0.3.1 for Rust. It does not enforce any constraints in the FieldVar::mul_by_inverse method. Thus, a prover can produce a proof that is unsound ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-38193

An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-38192

An issue was discovered in the prost-types crate before 0.8.0 for Rust. An overflow can occur during conversion from Timestamp to SystemTime.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-38191

An issue was discovered in the tokio crate before 1.8.1 for Rust. Upon a JoinHandle::abort, a Task may be dropped in the wrong thread.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-38190

An issue was discovered in the nalgebra crate before 0.27.1 for Rust. It allows out-of-bounds memory access because it does not ensure that the number of elements is equal to the product of the row co ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-38189

An issue was discovered in the lettre crate before 0.9.6 for Rust. In an e-mail message body, an attacker can place a . character after two CRLF sequences and then inject arbitrary SMTP commands.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-38188

An issue was discovered in the iced-x86 crate through 1.10.3 for Rust. In Decoder::new(), slice.get_unchecked(slice.length()) is used unsafely.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-38187

An issue was discovered in the anymap crate through 0.12.1 for Rust. It violates soundness via conversion of a *u8 to a *u64.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-38186

An issue was discovered in the comrak crate before 0.10.1 for Rust. It mishandles characters, leading to XSS via # HTML entities.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-36221

Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：17 | 回复：0
CVE漏洞

CVE-2020-36472

An issue was discovered in the max7301 crate before 0.2.0 for Rust. The ImmediateIO and TransactionalIO types implement Sync for all ExpanderEI types that they contain.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：22 | 回复：0
CVE漏洞

CVE-2020-36471

An issue was discovered in the generator crate before 0.7.0 for Rust. It does not ensure that a function (for yielding values) has Send bounds.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：16 | 回复：0
CVE漏洞

CVE-2020-36470

An issue was discovered in the disrustor crate through 2020-12-17 for Rust. RingBuffer doe not properly limit the number of mutable references.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：16 | 回复：0
CVE漏洞

CVE-2020-36469

An issue was discovered in the appendix crate through 2020-11-15 for Rust. For the generic K and V type parameters, Send and Sync are implemented unconditionally.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：18 | 回复：0
CVE漏洞

CVE-2020-36468

An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr::write performs non-atomic write operations on an underlying pointer.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：11 | 回复：0
CVE漏洞

CVE-2020-36467

An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr::get returns more than one mutable reference to the same object.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：16 | 回复：0
CVE漏洞

CVE-2020-36466

An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr implements Send and Sync for all types.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：20 | 回复：0
CVE漏洞

CVE-2020-36465

An issue was discovered in the generic-array crate before 0.13.3 for Rust. It violates soundness by using the arr! macro to extend lifetimes.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：33 | 回复：0
CVE漏洞

CVE-2020-36464

An issue was discovered in the heapless crate before 0.6.1 for Rust. The IntoIter Clone implementation clones an entire underlying Vec without considering whether it has already been partially consume ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：23 | 回复：0
CVE漏洞

CVE-2020-36463

An issue was discovered in the multiqueue crate through 2020-12-25 for Rust. There are unconditional implementations of Send for InnerSendRW, T, InnerRecvRW, T, FutInnerSendRW, T, and FutInnerRecvRW, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：17 | 回复：0
CVE漏洞

CVE-2020-36462

An issue was discovered in the syncpool crate before 0.1.6 for Rust. There is an unconditional implementation of Send for Bucket2.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-36461

An issue was discovered in the noise_search crate through 2020-12-10 for Rust. There are unconditional implementations of Send and Sync for MvccRwLock.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：19 | 回复：0
CVE漏洞

CVE-2020-36460

An issue was discovered in the model crate through 2020-11-10 for Rust. The Shared data structure has an implementation of the Send and Sync traits without regard for the inner type.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：5 | 回复：0
CVE漏洞

CVE-2020-36459

An issue was discovered in the dces crate through 2020-12-09 for Rust. The World type is marked as Send but lacks bounds on its EntityStore and ComponentStore.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：5 | 回复：0
CVE漏洞

CVE-2020-36458

An issue was discovered in the lexer crate through 2020-11-10 for Rust. For ReaderResultT, E, there is an implementation of Sync with a trait bound of T: Send, E: Send.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：9 | 回复：0
CVE漏洞

CVE-2020-36457

An issue was discovered in the lever crate before 0.1.1 for Rust. AtomicBoxT implements the Send and Sync traits for all types T.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：6 | 回复：0