漏洞 - 第708页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-3042

A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-34429

For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security con ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-32750

MuWire is a file publishing and networking tool that protects the identity of its users by using I2P technology. Users of MuWire desktop client prior to version 0.8.8 can be de-anonymized by an attack ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-21587

Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability. A local unauthenticated attacker could exploit this vulnerability in order to obtain the path of files ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-21586

Wyse Management Suite versions 3.2 and earlier contain an absolute path traversal vulnerability. A remote authenticated malicious user could exploit this vulnerability in order to read arbitrary files ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-32743

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. In versions prior to 2.11.10 and from version ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-29749

IBM Secure External Authentication Server 6.0.2 and IBM Secure Proxy 6.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests f ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-29725

IBM Secure External Authentication Server 2.4.3.2, 6.0.1, 6.0.2 and IBM Secure Proxy 3.4.3.2, 6.0.1, 6.0.2 could allow a remote user to consume resources causing a denial of service due to a resource ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-27847

Division-By-Zero vulnerability in Libvips 8.10.5 in the function vips_eye_point, eye.c#L83, and function vips_mask_point, mask.c#L85.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-27845

A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-20439

IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：28 | 回复：0
CVE漏洞

CVE-2020-12734

DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password, and demand a ransom payment from the rightful device owner, because there is no way to reset to Factory Defa ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：23 | 回复：0
CVE漏洞

CVE-2020-12733

Certain Shenzhen PENGLIXIN components on DEPSTECH WiFi Digital Microscope 3, as used by Shekar Endoscope, allow a TELNET connection with the molinkadmin password for the molink account.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：31 | 回复：0
CVE漏洞

CVE-2020-12732

DEPSTECH WiFi Digital Microscope 3 has a default SSID of Jetion_xxxxxxxx with a password of 12345678.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-32739

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. From version 2.4.0 through version 2.12.4, a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：34 | 回复：0
CVE漏洞

CVE-2020-25736

Acronis True Image 2019 update 1 through 2021 update 1 on macOS allows local privilege escalation due to an insecure XPC service configuration.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：34 | 回复：0
CVE漏洞

CVE-2020-25593

Acronis True Image through 2021 on macOS allows local privilege escalation from admin to root due to insecure folder permissions.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：42 | 回复：0
CVE漏洞

CVE-2020-15495

Acronis True Image 2019 update 1 through 2020 on macOS allows local privilege escalation due to an insecure XPC service configuration.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：27 | 回复：0
CVE漏洞

CVE-2020-12731

The MagicMotion Flamingo 2 application for Android stores data on an sdcard under com.vt.magicmotion/files/Pictures, whence it can be read by other applications.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：31 | 回复：0
CVE漏洞

CVE-2020-12730

MagicMotion Flamingo 2 lacks BLE encryption, enabling data sniffing and packet forgery.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：32 | 回复：0
CVE漏洞

CVE-2020-12729

MagicMotion Flamingo 2 has a lack of access control for reading from device descriptors.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：37 | 回复：0
CVE漏洞

CVE-2021-34692

iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM privileges.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-34691

iDrive RemotePC before 4.0.1 on Linux allows denial of service. A remote and unauthenticated attacker can disconnect a valid user session by connecting to an ephemeral port.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-34690

iDrive RemotePC before 7.6.48 on Windows allows authentication bypass. A remote and unauthenticated attacker can bypass cloud authentication to connect and control a system via TCP port 5970 and 5980.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-34689

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read the system's Personal Key in world-readable %PROGRAMDATA% log files.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-34688

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：43 | 回复：0
CVE漏洞

CVE-2021-34687

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-34558

The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malic ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：36 | 回复：0
CVE漏洞

CVE-2020-15496

Acronis True Image for Mac before 2021 Update 4 allowed local privilege escalation due to insecure folder permissions.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-33505

A local malicious user can circumvent the Falco detection engine through 0.28.1 by running a program that alters arguments of system calls being executed. Issue is fixed in Falco versions = 0.29.1.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-31999

A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as others users in the cluster by forging the Impersonate-User or Impersonate-Group he ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-25320

A Improper Access Control vulnerability in Rancher, allows users in the cluster to make request to cloud providers by creating requests with the cloud-credential ID. Rancher in this case would attach ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-25318

A Incorrect Permission Assignment for Critical Resource vulnerability in Rancher allows users in the cluster to modify resources they should not have access to. This issue affects: Rancher versions pr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：39 | 回复：0
CVE漏洞

CVE-2020-36420

** UNSUPPORTED WHEN ASSIGNED ** Polipo through 1.1.1, when NDEBUG is omitted, allows denial of service via a reachable assertion during parsing of a malformed Range header. NOTE: This vulnerability on ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：56 | 回复：0
CVE漏洞

CVE-2020-24133

A heap buffer overflow vulnerability in the r_asm_swf_disass function of Radare2-extras before commit e74a93c allows attackers to execute arbitrary code or carry out denial of service (DOS) attacks.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-35211

Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-22867

A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：27 | 回复：0
CVE漏洞

CVE-2020-29157

An issue in RAONWIZ K Editor v2018.0.0.10 allows attackers to perform a DLL hijacking attack when the service or system is restarted.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：27 | 回复：0
CVE漏洞

CVE-2020-18155

SQL Injection vulnerability in Subrion CMS v4.2.1 in the search page if a website uses a PDO connection.……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-34174

A vulnerability exists in Broadcom BCM4352 and BCM43684 chips. Any wireless router using BCM4352 and BCM43684 will be affected, such as ASUS AX6100. An attacker may cause a Denial of Service (DoS) to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 11:26 | 阅读：25 | 回复：0