• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字
OGeek|极客世界-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2020-22165
    CVE漏洞
    CVE-2020-22165
    PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\user-login.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive info ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:29 | 回复:0
  • CVE-2020-22164
    CVE漏洞
    CVE-2020-22164
    PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\check_availability.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensit ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:22 | 回复:0
  • CVE-2020-18648
    CVE漏洞
    CVE-2020-18648
    Cross Site Request Forgery (CSRF) in JuQingCMS v1.0 allows remote attackers to gain local privileges via the component JuQingCMS_v1.0/admin/index.php?c=administratora=add.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:15 | 回复:0
  • CVE-2020-18647
    CVE漏洞
    CVE-2020-18647
    Information Disclosure in NoneCMS v1.3 allows remote attackers to obtain sensitive information via the component /nonecms/vendor.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:9 | 回复:0
  • CVE-2020-18646
    CVE漏洞
    CVE-2020-18646
    Information Disclosure in NoneCMS v1.3 allows remote attackers to obtain sensitive information via the component /public/index.php.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:14 | 回复:0
  • CVE-2020-15732
    CVE漏洞
    CVE-2020-15732
    Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security (HSTS ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:17 | 回复:0
  • CVE-2021-35206
    CVE漏洞
    CVE-2021-35206
    Gitpod before 0.6.0 allows unvalidated redirects.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:17 | 回复:0
  • CVE-2021-35046
    CVE漏洞
    CVE-2021-35046
    A session fixation vulnerability was discovered in Ice Hrm 29.0.0 OS which allows an attacker to hijack a valid user session via a crafted session cookie.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:9 | 回复:0
  • CVE-2021-35045
    CVE漏洞
    CVE-2021-35045
    Cross site scripting (XSS) vulnerability in Ice Hrm 29.0.0.OS, allows attackers to execute arbitrary code via the parameters to the /app/ endpoint.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:26 | 回复:0
  • CVE-2021-34244
    CVE漏洞
    CVE-2021-34244
    A cross site request forgery (CSRF) vulnerability was discovered in Ice Hrm 29.0.0.OS which allows attackers to create new admin accounts or change users' passwords.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:19 | 回复:0
  • CVE-2021-34243
    CVE漏洞
    CVE-2021-34243
    A stored cross site scripting (XSS) vulnerability was discovered in Ice Hrm 29.0.0.OS which allows attackers to execute arbitrary web scripts or HTML via a crafted file uploaded into the Document Mana ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:8 | 回复:0
  • CVE-2010-4816
    CVE漏洞
    CVE-2010-4816
    It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:26 | 回复:0
  • CVE-2010-4266
    CVE漏洞
    CVE-2010-4266
    It was found in vanilla forums before 2.0.10 a potential linkbait vulnerability in dispatcher.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:48 | 回复:0
  • CVE-2010-4264
    CVE漏洞
    CVE-2010-4264
    It was found in vanilla forums before 2.0.10 a cross-site scripting vulnerability where a filename could contain arbitrary code to execute on the client side.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:9 | 回复:0
  • CVE-2021-0608
    CVE漏洞
    CVE-2021-0608
    In handleAppLaunch of AppLaunchActivity.java, there is a possible arbitrary activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution priv ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:20 | 回复:0
  • CVE-2021-0607
    CVE漏洞
    CVE-2021-0607
    In iaxxx_calc_i2s_div of iaxxx-codec.c, there is a possible hardware port write with user controlled data due to a missing bounds check. This could lead to local escalation of privilege with no additi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:11 | 回复:0
  • CVE-2021-0606
    CVE漏洞
    CVE-2021-0606
    In drm_syncobj_handle_to_fd of drm_syncobj.c, there is a possible use after free due to incorrect refcounting. This could lead to local escalation of privilege with System execution privileges needed. ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:12 | 回复:0
  • CVE-2021-0605
    CVE漏洞
    CVE-2021-0605
    In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:8 | 回复:0
  • CVE-2021-0553
    CVE漏洞
    CVE-2021-0553
    In onBindViewHolder of AppSwitchPreference.java, there is a possible bypass of device admin setttings due to unclear UI. This could lead to local escalation of privilege with User execution privileges ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:7 | 回复:0
  • CVE-2021-0552
    CVE漏洞
    CVE-2021-0552
    In getEndItemSliceAction of MediaOutputSlice.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:7 | 回复:0
  • CVE-2021-0551
    CVE漏洞
    CVE-2021-0551
    In bind of MediaControlPanel.java, there is a possible way to lock up the system UI using a malicious media file due to improper input validation. This could lead to remote denial of service with no a ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:14 | 回复:0
  • CVE-2021-0550
    CVE漏洞
    CVE-2021-0550
    In onLoadFailed of AnnotateActivity.java, there is a possible way to gain WRITE_EXTERNAL_STORAGE permissions without user consent due to a confused deputy. This could lead to local escalation of privi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:13 | 回复:0
  • CVE-2021-0549
    CVE漏洞
    CVE-2021-0549
    In sspRequestCallback of BondStateMachine.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. This could lead to local information disclosure with System execu ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:14 | 回复:0
  • CVE-2021-0548
    CVE漏洞
    CVE-2021-0548
    In rw_i93_send_to_lower of rw_i93.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges ne ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:24 | 回复:0
  • CVE-2021-0547
    CVE漏洞
    CVE-2021-0547
    In onReceive of NetInitiatedActivity.java, there is a possible way to supply an attacker-controlled value to a GPS HAL handler due to a missing permission check. This could lead to local escalation of ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:12 | 回复:0
  • CVE-2021-0546
    CVE漏洞
    CVE-2021-0546
    In phNxpNciHal_print_res_status of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privile ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:18 | 回复:0
  • CVE-2021-0545
    CVE漏洞
    CVE-2021-0545
    In phNxpNciHal_print_res_status of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC server with System ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:13 | 回复:0
  • CVE-2021-0544
    CVE漏洞
    CVE-2021-0544
    In phNxpNciHal_print_res_status of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privile ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:15 | 回复:0
  • CVE-2021-0543
    CVE漏洞
    CVE-2021-0543
    In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privile ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:10 | 回复:0
  • CVE-2021-0542
    CVE漏洞
    CVE-2021-0542
    In updateNotification of BeamTransferManager.java, there is a missing permission check. This could lead to local information disclosure of paired Bluetooth addresses with no additional execution privi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:18 | 回复:0
  • CVE-2021-0541
    CVE漏洞
    CVE-2021-0541
    In phNxpNciHal_ext_process_nfc_init_rsp of phNxpNciHal_ext.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the NFC server w ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:16 | 回复:0
  • CVE-2021-0540
    CVE漏洞
    CVE-2021-0540
    In halWrapperDataCallback of hal_wrapper.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges ne ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:23 | 回复:0
  • CVE-2021-0539
    CVE漏洞
    CVE-2021-0539
    In archiveStoredConversation of MmsService.java, there is a possible way to archive message conversation without user consent due to a missing permission check. This could lead to local escalation of ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:26 | 回复:0
  • CVE-2021-0538
    CVE漏洞
    CVE-2021-0538
    In onCreate of EmergencyCallbackModeExitDialog.java, there is a possible exit of emergency callback mode due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:25 | 回复:0
  • CVE-2021-0537
    CVE漏洞
    CVE-2021-0537
    In onCreate of WiFiInstaller.java, there is a possible way to install a malicious Hotspot 2.0 configuration due to a tapjacking/overlay attack. This could lead to local escalation of privilege with Us ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:29 | 回复:0
  • CVE-2021-0536
    CVE漏洞
    CVE-2021-0536
    In dropFile of WiFiInstaller, there is a way to delete files accessible to CertInstaller due to a confused deputy. This could lead to local escalation of privilege with no additional execution privile ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:18 | 回复:0
  • CVE-2010-3446
    CVE漏洞
    CVE-2010-3446
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:19 | 回复:0
  • CVE-2010-3300
    CVE漏洞
    CVE-2010-3300
    It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle attacks.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:27 | 回复:0
  • CVE-2010-2804
    CVE漏洞
    CVE-2010-2804
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:23 | 回复:0
  • CVE-2010-2525
    CVE漏洞
    CVE-2010-2525
    A flaw was discovered in gfs2 file system’s handling of acls (access control lists). An unprivileged local attacker could exploit this flaw to gain access or execute any file stored in the gfs2 file ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:51 | 阅读:23 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap