漏洞 - 第750页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-29085

Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in file sharing management component in Synology DiskStation Manager (DSM) befo ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-29084

Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in Security Advisor report management component in Synology DiskStation Manager ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-27649

Use after free vulnerability in file transfer protocol component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via unspecified vectors.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-34397

Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-34396

Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-34395

Trusty TLK contains a vulnerability in its access permission settings where it does not properly restrict access to a resource from a user with local privileges, which might lead to limited informatio ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-34394

Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-34393

Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deser ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-34392

Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the tz_map_shared_mem function can bypass boundary checks, which might lead to denial of service.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-34391

Trusty contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow through a specific SMC call that is triggered by the user, which ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-34390

Trusty contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow through a specific SMC call that is triggered by the user, which ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-34372

Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation l ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：11 | 回复：0
CVE漏洞

CVE-2020-36394

pam_setquota.c in the pam_setquota module before 2020-05-29 for Linux-PAM allows local attackers to set their quota on an arbitrary filesystem, in certain situations where the attacker's home dire ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-32701

ORY Oathkeeper is an Identity Access Proxy (IAP) and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. When you make a request to an endpoint that requires the ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-32700

Ballerina is an open source programming language and platform for cloud application programmers. Ballerina versions 1.2.x and SL releases up to alpha 3 have a potential for a supply chain attack via M ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-32699

Wings is the control plane software for the open source Pterodactyl game management system. All versions of Pterodactyl Wings prior to `1.4.4` are vulnerable to system resource exhaustion due to impro ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-22383

There is an out-of-bounds read vulnerability in eCNS280_TD V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a message-handling function ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-22382

Huawei LTE USB Dongle products have an improper permission assignment vulnerability. An attacker can locally access and log in to a PC to induce a user to install a specially crafted application. Afte ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-22378

There is a race condition vulnerability in eCNS280_TD V100R005C00 and V100R005C10. There is a timing window exists in which the database can be operated by another thread that is operating concurrentl ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-22377

There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-22363

There is a resource management error vulnerability in eCNS280_TD V100R005C10SPC650. An attacker needs to perform specific operations to exploit the vulnerability on the affected device. Due to imprope ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-22342

There is an information leak vulnerability in Huawei products. A module does not deal with specific input sufficiently. High privilege attackers can exploit this vulnerability by performing some opera ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-3044

An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions thro ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-32644

Ampache is an open source web based audio/video streaming application and file manager. Due to a lack of input filtering versions 4.x.y are vulnerable to code injection in random.php. The attack requi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-22366

There is an out-of-bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a function that handles an internal message contains a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-22365

There is an out of bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. A local attacker can exploit this vulnerability by sending specific message to the ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-22361

There is an improper authorization vulnerability in eCNS280 V100R005C00, V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200. A file access is not authorized correctly. Attacker with low ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：17 | 回复：0
CVE漏洞

CVE-2020-18654

Cross Site Scripting (XSS) in Wuzhi CMS v4.1.0 allows remote attackers to execute arbitrary code via the Title parameter in the component /coreframe/app/guestbook/myissue.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-34428

For Eclipse Jetty versions = 9.4.40, = 10.0.2, = 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：22 | 回复：0
CVE漏洞

CVE-2020-22176

PHPGurukul Hospital Management System in PHP v4.0 has a sensitive information disclosure vulnerability in multiple areas. Remote unauthenticated users can exploit the vulnerability to obtain user sens ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-22175

PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\admin\betweendates-detailsreports.php. Remote unauthenticated users can exploit the vulnerability to obtain ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：6 | 回复：0
CVE漏洞

CVE-2020-22174

PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\book-appointment.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitiv ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：10 | 回复：0
CVE漏洞

CVE-2020-22173

PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\edit-profile.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive in ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：15 | 回复：0
CVE漏洞

CVE-2020-22172

PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive info ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：12 | 回复：0
CVE漏洞

CVE-2020-22171

PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\registration.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive in ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：6 | 回复：0
CVE漏洞

CVE-2020-22170

PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive info ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：14 | 回复：0
CVE漏洞

CVE-2020-22169

PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\appointment-history.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-22168

PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-emaild.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：20 | 回复：0
CVE漏洞

CVE-2020-22167

PHPGurukul Hospital Management System in PHP v4.0 has a Persistent Cross-Site Scripting vulnerability in \hms\admin\appointment-history.php. Remote registered users can exploit the vulnerability to ob ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：7 | 回复：0
CVE漏洞

CVE-2020-22166

PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\forgot-password.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:51 | 阅读：24 | 回复：0