漏洞 - 第762页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-29628

In FreeBSD 13.0-STABLE before n245764-876ffe28796c, 12.2-STABLE before r369857, 13.0-RELEASE before p1, and 12.2-RELEASE before p7, a system call triggering a fault could cause SMAP protections to be ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：7 | 回复：0
CVE漏洞

CVE-2020-1729

A flaw was found in SmallRye's API through version 1.6.1. The API can allow other code running within the application server to potentially obtain the ClassLoader, bypassing any permissions checks ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：8 | 回复：0
CVE漏洞

CVE-2020-1716

A flaw was found in the ceph-ansible playbook where it contained hardcoded passwords that were being used as default passwords while deploying Ceph services. Any authenticated attacker can abuse this ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：12 | 回复：0
CVE漏洞

CVE-2010-3843

The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-33620

Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expect ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-27032

Autodesk Licensing Installer was found to be vulnerable to privilege escalation issues. A malicious user with limited privileges could run any number of tools on a system to identify services that are ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-21734

Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login authority can obtain it by inputing command. This affects: ZTE PON MDU device ZXA10 F821 V1.7.0P3T22, ZXA10 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-33591

An exposed remote debugging port in Naver Comic Viewer prior to 1.0.15.0 allowed a remote attacker to execute arbitrary code via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-20292

There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-20278

An authentication bypass vulnerability was found in Kiali in versions before 1.31.0 when the authentication strategy `OpenID` is used. When RBAC is enabled, Kiali assumes that some of the token valida ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-20240

A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to cr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-20239

A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest t ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-20237

An uncontrolled resource consumption (memory leak) flaw was found in ZeroMQ's src/xpub.cpp in versions before 4.3.3. This flaw allows a remote unauthenticated attacker to send crafted PUB messages ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-20236

A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and th ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-20201

A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a sin ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-20195

A flaw was found in keycloak in versions before 13.0.0. A Self Stored XSS attack vector escalating to a complete account takeover is possible due to user-supplied data fields not being properly encode ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：14 | 回复：0
CVE漏洞

CVE-2020-35506

A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0 during the handling of the 'Information Transfer' command (CMD_TI). Th ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：24 | 回复：0
CVE漏洞

CVE-2020-35505

A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-35504

A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：22 | 回复：0
CVE漏洞

CVE-2020-27847

A vulnerability exists in the SAML connector of the github.com/dexidp/dex library used to process SAML Signature Validation. This flaw allows an attacker to bypass SAML authentication. The highest thr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：17 | 回复：0
CVE漏洞

CVE-2020-27826

A flaw was found in Keycloak before version 12.0.0 where it is possible to update the user's metadata attributes using Account REST API. This flaw allows an attacker to change its own NameID attri ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：16 | 回复：0
CVE漏洞

CVE-2020-25715

A flaw was found in pki-core 10.9.0. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get autom ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：11 | 回复：0
CVE漏洞

CVE-2020-25710

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest thr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-32543

The CTS Web transaction system related to authentication management is implemented incorrectly. After login, remote attackers can manipulate cookies to access other accounts and trade in the stock mar ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-32542

The parameters of the specific functions in the CTS Web trading system do not filter special characters, which allows unauthenticated attackers can remotely perform reflected XSS and obtain the users ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-32541

The CTS Web transaction system related to authentication and session management is implemented incorrectly, which allows remote unauthenticated attackers can send a large number of valid usernames, an ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-32540

Add announcement function in the 101EIP system does not filter special characters, which allows authenticated users to inject JavaScript and perform a stored XSS attack.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-32539

Add event in calendar function in the 101EIP system does not filter special characters in specific fields, which allows remote authenticated users to inject JavaScript and perform a stored XSS attack.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-33408

Local File Inclusion vulnerability in Ab Initio ControlCenter before 4.0.2.6 allows remote attackers to retrieve arbitrary files. Fixed in v4.0.2.6 and v4.0.3.1.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-27852

Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code. This issue affects: Checkbox Survey versions ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：8 | 回复：0
CVE漏洞

CVE-2020-15465

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：12 | 回复：0
CVE漏洞

CVE-2020-15464

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：16 | 回复：0
CVE漏洞

CVE-2020-15463

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：12 | 回复：0
CVE漏洞

CVE-2020-15462

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：16 | 回复：0
CVE漏洞

CVE-2020-15461

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：17 | 回复：0
CVE漏洞

CVE-2020-15460

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：11 | 回复：0
CVE漏洞

CVE-2020-15459

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：10 | 回复：0
CVE漏洞

CVE-2020-15458

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：14 | 回复：0
CVE漏洞

CVE-2020-15457

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：15 | 回复：0
CVE漏洞

CVE-2020-15456

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:48 | 阅读：17 | 回复：0