漏洞 - 第706页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2020-36456

An issue was discovered in the toolshed crate through 2020-11-15 for Rust. In CopyCellT, the Send trait lacks bounds on the contained type.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：10 | 回复：0
CVE漏洞

CVE-2020-36455

An issue was discovered in the slock crate through 2020-11-17 for Rust. SlockT unconditionally implements Send and Sync.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：10 | 回复：0
CVE漏洞

CVE-2020-36454

An issue was discovered in the parc crate through 2020-11-14 for Rust. LockWeakT has an unconditional implementation of Send without trait bounds on T.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：28 | 回复：0
CVE漏洞

CVE-2020-36453

An issue was discovered in the scottqueue crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for QueueT.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：51 | 回复：0
CVE漏洞

CVE-2020-36452

An issue was discovered in the array-tools crate before 0.3.2 for Rust. FixedCapacityDequeLike::clone() has a drop of uninitialized memory.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：67 | 回复：0
CVE漏洞

CVE-2020-36451

An issue was discovered in the rcu_cell crate through 2020-11-14 for Rust. There are unconditional implementations of Send and Sync for RcuCellT.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：67 | 回复：0
CVE漏洞

CVE-2020-36450

An issue was discovered in the bunch crate through 2020-11-12 for Rust. There are unconditional implementations of Send and Sync for BunchT.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：68 | 回复：0
CVE漏洞

CVE-2020-36449

An issue was discovered in the kekbit crate before 0.3.4 for Rust. For ShmWriterH, Send is implemented without requiring H: Send.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：49 | 回复：0
CVE漏洞

CVE-2020-36448

An issue was discovered in the cache crate through 2020-11-24 for Rust. There are unconditional implementations of Send and Sync for CacheK.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：75 | 回复：0
CVE漏洞

CVE-2020-36447

An issue was discovered in the v9 crate through 2020-12-18 for Rust. There is an unconditional implementation of Sync for SyncRefT.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：44 | 回复：0
CVE漏洞

CVE-2020-36446

An issue was discovered in the signal-simple crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for SyncChannelT.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：53 | 回复：0
CVE漏洞

CVE-2020-36445

An issue was discovered in the convec crate through 2020-11-24 for Rust. There are unconditional implementations of Send and Sync for ConVecT.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：59 | 回复：0
CVE漏洞

CVE-2020-36444

An issue was discovered in the async-coap crate through 2020-12-08 for Rust. Send and Sync are implemented for ArcGuardRC, T without trait bounds on RC.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：43 | 回复：0
CVE漏洞

CVE-2020-36443

An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust. An uninitialized buffer is passed to AsyncRead::poll_read(), which is a user-provided trait function.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：36 | 回复：0
CVE漏洞

CVE-2020-36442

An issue was discovered in the beef crate before 0.5.0 for Rust. beef::Cow has no Sync bound on its Send trait.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：38 | 回复：0
CVE漏洞

CVE-2020-36441

An issue was discovered in the abox crate before 0.4.1 for Rust. It implements Send and Sync for AtomicBoxT with no requirement for T: Send and T: Sync.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：38 | 回复：0
CVE漏洞

CVE-2020-36440

An issue was discovered in the libsbc crate before 0.1.5 for Rust. For DecoderR, it implements Send for any R: Read.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：38 | 回复：0
CVE漏洞

CVE-2020-36439

An issue was discovered in the ticketed_lock crate before 0.3.0 for Rust. There are unconditional implementations of Send for ReadTicketT and WriteTicketT.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：26 | 回复：0
CVE漏洞

CVE-2020-36438

An issue was discovered in the tiny_future crate before 0.4.0 for Rust. FutureT does not have bounds on its Send and Sync traits.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：39 | 回复：0
CVE漏洞

CVE-2020-36437

An issue was discovered in the conqueue crate before 0.4.0 for Rust. There are unconditional implementations of Send and Sync for QueueSenderT.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：31 | 回复：0
CVE漏洞

CVE-2020-36436

An issue was discovered in the unicycle crate before 0.7.1 for Rust. PinSlabT and UnorderedT, S do not have bounds on their Send and Sync traits.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：31 | 回复：0
CVE漏洞

CVE-2020-36435

An issue was discovered in the ruspiro-singleton crate before 0.4.1 for Rust. In Singleton, Send and Sync do not have bounds checks.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：31 | 回复：0
CVE漏洞

CVE-2020-36434

An issue was discovered in the sys-info crate before 0.8.0 for Rust. sys_info::disk_info calls can trigger a double free.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：34 | 回复：0
CVE漏洞

CVE-2020-36433

An issue was discovered in the chunky crate through 2020-08-25 for Rust. The Chunk API does not honor an alignment requirement.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：36 | 回复：0
CVE漏洞

CVE-2020-36432

An issue was discovered in the alg_ds crate through 2020-08-25 for Rust. There is a drop of uninitialized memory in Matrix::new().……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：43 | 回复：0
CVE漏洞

CVE-2021-38185

GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is u ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：47 | 回复：0
CVE漏洞

CVE-2021-38173

Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-38169

Roxy-WI through 5.2.2.0 allows command injection via /app/funct.py and /api/api_funct.py.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-38168

Roxy-WI through 5.2.2.0 allows authenticated SQL injection via select_servers.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-38167

Roxy-WI through 5.2.2.0 allows SQL Injection via check_login. An unauthenticated attacker can extract a valid uuid to bypass authentication.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：53 | 回复：0
CVE漏洞

CVE-2021-38166

In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractic ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-38165

Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-38159

In certain Progress MOVEit Transfer versions before 2021.0.4 (aka 13.0.4), SQL injection in the MOVEit Transfer web application could allow an unauthenticated remote attacker to gain access to the dat ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：40 | 回复：0
CVE漏洞

CVE-2021-29923

Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-29922

library/std/src/net/parser.rs in Rust before 1.53.0 does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypas ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-38160

** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf-len value exceeding the buffer si ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-38148

Obsidian before 0.12.12 does not require user confirmation for non-http/https URLs.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：29 | 回复：0
CVE漏洞

CVE-2020-28088

An arbitrary file upload vulnerability in /jeecg-boot/sys/common/upload of jeecg-boot CMS 2.3 allows attackers to execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：32 | 回复：0
CVE漏洞

CVE-2020-28087

A SQL injection vulnerability in /jeecg boot/sys/dict/loadtreedata of jeecg-boot CMS 2.3 allows attackers to access sensitive database information.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：38 | 回复：0
CVE漏洞

CVE-2020-21358

A cross site request forgery (CSRF) in Wage-CMS 1.5.x-dev allows attackers to arbitrarily add users.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:27 | 阅读：33 | 回复：0