漏洞 - 第782页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-30641

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-26691

In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-26690

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：27 | 回复：0
CVE漏洞

CVE-2020-35452

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP S ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：27 | 回复：0
CVE漏洞

CVE-2020-13950

Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, lea ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：20 | 回复：0
CVE漏洞

CVE-2020-13938

Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：25 | 回复：0
CVE漏洞

CVE-2019-17567

Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing f ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-3588

The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-33393

lfs/backup in IPFire 2.25-core155 does not ensure that /var/ipfire/backup/bin/backup.pl is owned by the root account. It might be owned by an unprivileged account, which could potentially be used to i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-0134

Improper input validation in an API for the Intel(R) Security Library before version 3.3 may allow a privileged user to potentially enable denial of service via network access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-0133

Key exchange without entity authentication in the Intel(R) Security Library before version 3.3 may allow an authenticated user to potentially enable escalation of privilege via network access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-0132

Missing release of resource after effective lifetime in an API for the Intel(R) Security Library before version 3.3 may allow a privileged user to potentially enable denial of service via network acce ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-0131

Use of cryptographically weak pseudo-random number generator (PRNG) in an API for the Intel(R) Security Library before version 3.3 may allow an authenticated user to potentially enable information dis ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-0129

Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-0112

Unquoted service path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-0108

Uncontrolled search path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-0106

Incorrect default permissions in the Intel(R) Optane(TM) DC Persistent Memory for Windows software versions before 2.00.00.3842 or 1.00.00.3515 may allow an authenticated user to potentially enable es ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-0104

Uncontrolled search path element in the installer for the Intel(R) Rapid Storage Technology software, before versions 17.9.0.34, 18.0.0.640 and 18.1.0.24, may allow an authenticated user to potentiall ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-0102

Insecure inherited permissions in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-0100

Incorrect default permissions in the installer for the Intel(R) SSD Data Center Tool, versions downloaded before 12/31/2020, may allow an authenticated user to potentially enable escalation of privile ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-0098

Improper access control in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-0094

Improper link resolution before file access in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-0090

Uncontrolled search path element in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-0089

Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：15 | 回复：0
CVE漏洞

CVE-2021-0086

Observable response discrepancy in floating-point operations for some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:46 | 阅读：7 | 回复：0
CVE漏洞

CVE-2020-28906

Incorrect File Permissions in Nagios XI 5.7.5 and earlier and Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to root. Low-privileged users are able to modify files that are included ( ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：24 | 回复：0
CVE漏洞

CVE-2020-28905

Improper Input Validation in Nagios Fusion 4.1.8 and earlier allows an authenticated attacker to execute remote code via table pagination.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：22 | 回复：0
CVE漏洞

CVE-2020-28904

Execution with Unnecessary Privileges in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation as nagios via installation of a malicious component containing PHP code.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：23 | 回复：0
CVE漏洞

CVE-2020-28903

Improper input validation in Nagios Fusion 4.1.8 and earlier allows a remote attacker with control over a fused server to inject arbitrary HTML, aka XSS.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：19 | 回复：0
CVE漏洞

CVE-2020-28902

Command Injection in Nagios Fusion 4.1.8 and earlier allows Privilege Escalation from apache to root in cmd_subsys.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：20 | 回复：0
CVE漏洞

CVE-2020-28901

Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation or Code Execution as root via vectors related to corrupt component installation in cmd_subsys.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：25 | 回复：0
CVE漏洞

CVE-2020-28900

Insufficient Verification of Data Authenticity in Nagios Fusion 4.1.8 and earlier and Nagios XI 5.7.5 and earlier allows for Escalation of Privileges or Code Execution as root via vectors related to a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：15 | 回复：0
CVE漏洞

CVE-2020-26006

Project Worlds Online Examination System 1.0 is affected by Cross Site Scripting (XSS) via account.php.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：24 | 回复：0
CVE漏洞

CVE-2020-25411

Projectworlds Online Examination System 1.0 is vulnerable to CSRF, which allows a remote attacker to delete the existing user.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：20 | 回复：0
CVE漏洞

CVE-2020-25409

Projectsworlds College Management System Php 1.0 is vulnerable to SQL injection issues over multiple parameters.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：20 | 回复：0
CVE漏洞

CVE-2020-25408

A Cross-Site Request Forgery (CSRF) vulnerability exists in ProjectWorlds College Management System Php 1.0 that allows a remote attacker to modify, delete, or make a new entry of the student, faculty ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-3559

A flaw was found in libvirt in the virConnectListAllNodeDevices API in versions before 7.0.0. It only affects hosts with a PCI device and driver that supports mediated devices (e.g., GRID driver). Thi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-21989

VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser). A malicious acto ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-21988

VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 Parser). A malicious ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-21987

VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser). A malicious acto ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：17 | 回复：0