
Vulnerabilities

Subcategories:

  • CVE-2020-26559
    Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 21 | Replies: 0
  • CVE-2020-26558
    Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authen ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 32 | Replies: 0
  • CVE-2020-26557
    Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute- ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 11 | Replies: 0
  • CVE-2020-26556
    Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 16 | Replies: 0
  • CVE-2020-26555
    Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing withou ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 12 | Replies: 0
  • CVE-2020-21041
    Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which could let a remote malicious user cause a Denial of Service……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 26 | Replies: 0
  • CVE-2020-20907
    MetInfo 7.0 beta is affected by a file modification vulnerability. Attackers can delete and modify ini files in app/system/language/admin/language_general.class.php and app/system/include/function/fil ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 19 | Replies: 0
  • CVE-2021-32624
    Keystone 5 is an open source CMS platform to build Node.js applications. This security advisory relates to a newly discovered capability in our query infrastructure to directly or indirectly expose th ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 12 | Replies: 0
  • CVE-2021-33502
    The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URL ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 13 | Replies: 0
  • CVE-2021-32629
    Cranelift is an open-source code generator maintained by Bytecode Alliance. It translates a target-independent intermediate representation into executable machine code. There is a bug in 0.73 of the C ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 17 | Replies: 0
  • CVE-2021-29300
    The @ronomon/opened library before 1.5.2 is vulnerable to a command injection vulnerability which would allow a remote attacker to execute commands on the system if the library was used with untrusted ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 19 | Replies: 0
  • CVE-2019-12348
    An issue was discovered in zzcms 2019. SQL Injection exists in user/ztconfig.php via the daohang or img POST parameter.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 37 | Replies: 0
  • CVE-2021-33516
    An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into trigger ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 24 | Replies: 0
  • CVE-2021-3485
    An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in-the-middle attacker to abuse the DownloadFile function of the ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 17 | Replies: 0
  • CVE-2021-20557
    IBM Security Guardium 11.2 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 199184.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 26 | Replies: 0
  • CVE-2021-20428
    IBM Security Guardium 11.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further a ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 15 | Replies: 0
  • CVE-2021-20426
    IBM Security Guardium 11.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 19 | Replies: 0
  • CVE-2021-20419
    IBM Security Guardium 11.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196280.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 17 | Replies: 0
  • CVE-2021-20389
    IBM Security Guardium 11.2 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 195770.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 17 | Replies: 0
  • CVE-2021-20386
    IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 18 | Replies: 0
  • CVE-2021-20385
    IBM Security Guardium 11.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 22 | Replies: 0
  • CVE-2020-4990
    IBM Security Guardium 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in t ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 15 | Replies: 0
  • CVE-2021-32075
    Re-Logic Terraria before 1.4.2.3 performs Insecure Deserialization.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 23 | Replies: 0
  • CVE-2020-28911
    Incorrect Access Control in Nagios Fusion 4.1.8 and earlier allows low-privileged authenticated users to extract passwords used to manage fused servers via the test_server command in ajaxhelper.php.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 17 | Replies: 0
  • CVE-2020-28910
    Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows for Privilege Escalation via creation of symlinks, which are mishandled in getprofile.sh.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 13 | Replies: 0
  • CVE-2020-28909
    Incorrect File Permissions in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to root via modification of scripts. Low-privileges users are able to modify files that can be executed by ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 21 | Replies: 0
  • CVE-2020-28908
    Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to nagios.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 18 | Replies: 0
  • CVE-2020-28907
    Incorrect SSL certificate validation in Nagios Fusion 4.1.8 and earlier allows for Escalation of Privileges or Code Execution as root via vectors related to download of an untrusted update package in ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 14 | Replies: 0
  • CVE-2021-29754
    IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a privilege escalation vulnerability when using the SAML Web Inbound Trust Association Interceptor (TAI). IBM X-Force ID: 20200 ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 24 | Replies: 0
  • CVE-2021-28689
    x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 12 | Replies: 0
  • CVE-2021-28687
    HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. M ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 22 | Replies: 0
  • CVE-2021-25425
    Improper check vulnerability in Samsung Health prior to version 6.17 allows attacker to read internal cache data via exported component.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 17 | Replies: 0
  • CVE-2021-25424
    Improper authentication vulnerability in Tizen bluetooth-frwk prior to Firmware update JUN-2021 Release allows bluetooth attacker to take over the user's bluetooth device without user awareness. ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 15 | Replies: 0
  • CVE-2021-25423
    Improper log management vulnerability in Watch Active2 PlugIn prior to 2.2.08.21033151 version allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone via log.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 17 | Replies: 0
  • CVE-2021-25422
    Improper log management vulnerability in Watch Active PlugIn prior to version 2.2.07.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 17 | Replies: 0
  • CVE-2021-25421
    Improper log management vulnerability in Galaxy Watch3 PlugIn prior to version 2.2.09.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 6 | Replies: 0
  • CVE-2021-25420
    Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 6 | Replies: 0
  • CVE-2021-25419
    Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in address bar via phishing URL link.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 14 | Replies: 0
  • CVE-2021-25418
    Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity in specific condition.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 34 | Replies: 0
  • CVE-2021-25417
    Improper authorization in SDP SDK prior to SMR JUN-2021 Release 1 allows access to internal storage.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 10:46 | Views: 21 | Replies: 0
