漏洞 - 第740页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2019-25048

LibreSSL 2.9.1 through 3.2.1 has a heap-based buffer over-read in do_print_ex (called from asn1_item_print_ctx and ASN1_item_print).……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：33 | 回复：0
CVE漏洞

CVE-2018-25018

UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write during a memcpy in QuickOpen::ReadRaw when called from QuickOpen::ReadNext.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：32 | 回复：0
CVE漏洞

CVE-2018-25017

RawSpeed (aka librawspeed) 3.1 has a heap-based buffer overflow in TableLookUp::setTable.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：51 | 回复：0
CVE漏洞

CVE-2017-20006

UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile).……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-28804

A command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. This i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：40 | 回复：0
CVE漏洞

CVE-2021-28803

This issue affects: QNAP Systems Inc. Q'center versions prior to 1.11.1004.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-28802

A command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. This i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：37 | 回复：0
CVE漏洞

CVE-2020-36196

A stored XSS vulnerability has been reported to affect QNAP NAS running QuLog Center. If exploited, this vulnerability allows attackers to inject malicious code. This issue affects: QNAP Systems Inc. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：32 | 回复：0
CVE漏洞

CVE-2020-36194

An XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to inject malicious code. This issue affects: QNAP Systems Inc. Q ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-22345

There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds memory write.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：45 | 回复：0
CVE漏洞

CVE-2021-22352

There is a Configuration Defect Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute mali ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-22351

There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may induce users to grant permissions on modifying items in the configuration ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：65 | 回复：0
CVE漏洞

CVE-2021-22350

There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the device to crash and restart.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：50 | 回复：0
CVE漏洞

CVE-2021-22349

There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of insufficient input verification may cause the system to restart.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-22348

There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-22346

There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to the disclosure of user habits.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-34075

In Artica Pandora FMS =754 in the File Manager component, there is sensitive information exposed on the client side which attackers can access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-32736

think-helper defines a set of helper functions for ThinkJS. In versions of think-helper prior to 1.1.3, the software receives input from an upstream component that specifies attributes that are to be ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-22368

There is a Permission Control Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect normal use of the device.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：43 | 回复：0
CVE漏洞

CVE-2021-22367

There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to authentication bypass.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-22354

There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds read.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-22353

There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the kernel to restart.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-21676

Jenkins requests-plugin Plugin 2.2.7 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to send test emails to an attacker-specified e ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：42 | 回复：0
CVE漏洞

CVE-2021-21675

A cross-site request forgery (CSRF) vulnerability in Jenkins requests-plugin Plugin 2.2.12 and earlier allows attackers to create requests and/or have administrators apply pending requests.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-21674

A missing permission check in Jenkins requests-plugin Plugin 2.2.6 and earlier allows attackers with Overall/Read permission to view the list of pending requests.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-21673

Jenkins CAS Plugin 1.6.0 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-21672

Jenkins Selenium HTML report Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-21671

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the previous session on login.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-21670

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have Item/Read permissio ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-35973

NETGEAR WAC104 devices before 1.0.4.15 are affected by an authentication bypass vulnerability in /usr/sbin/mini_httpd, allowing an unauthenticated attacker to invoke any action by adding the currentse ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：45 | 回复：0
CVE漏洞

CVE-2021-35971

Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-35970

Talk 4 in Coral before 4.12.1 allows remote attackers to discover e-mail addresses and other sensitive information via GraphQL because permission checks use an incorrect data type.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：52 | 回复：0
CVE漏洞

CVE-2021-22374

There is an Improper Validation of Array Index Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause stability risks.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-22373

There is a Defects Introduced in the Design Process Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-22371

There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-22369

There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：45 | 回复：0
CVE漏洞

CVE-2021-22323

There is an Integer Overflow Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-3630

An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::DjVuTXT::decode() in DjVuText.cpp via a crafted djvu file which may lead to crash and segmentation fault. This flaw affects DjVuLib ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-22380

There is a Cleartext Transmission of Sensitive Information Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality and availability.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-22376

A component of the HarmonyOS has a Improper Privilege Management vulnerability. Local attackers may exploit this vulnerability to bypass user restrictions.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:53 | 阅读：34 | 回复：0