漏洞 - 第786页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2020-21053

Cross Site Scriptiong (XSS) vulnerability exists in FusionPBX 4.5.7 allows remote malicious users to inject arbitrary web script or HTML via an unsanitized query_string variable in app\devices\device_ ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-3438

A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-28112

Draeger X-Dock Firmware before 03.00.13 has Active Debug Code on a debug port, leading to remote code execution by an authenticated attacker.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-28111

Draeger X-Dock Firmware before 03.00.13 has Hard-Coded Credentials, leading to remote code execution by an authenticated attacker.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-27434

Products with Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and prior (.NET 4.5, 4.0, and 3.5 Framework versions only) are vulnerable to an uncontrolled recursion, whi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：55 | 回复：0
CVE漏洞

CVE-2021-25930

In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：15 | 回复：0
CVE漏洞

CVE-2020-24396

homee Brain Cube v2 (2.28.2 and 2.28.4) devices have sensitive SSH keys within downloadable and unencrypted firmware images. This allows remote attackers to use the support server as a SOCKS proxy.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：26 | 回复：0
CVE漏洞

CVE-2020-24395

The USB firmware update script of homee Brain Cube v2 (2.28.2 and 2.28.4) devices allows an attacker with physical access to install compromised firmware. This occurs because of insufficient validatio ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-3536

A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS. This affe ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-3480

A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory serv ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-3426

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-29659

ownCloud 10.7 has an incorrect access control vulnerability, leading to remote information disclosure. Due to a bug in the related API endpoint, the attacker can enumerate all users in a single reques ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-27467

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected product’s web interface allows an attacker to route click or keystroke to another page pr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-27465

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications do not validate webpage input, which could allow an attacker to inject arbitr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-27463

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications utilize persistent cookies where the session cookie attribute is not properly ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-27461

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected webserver applications allow access to stored data that can be obtained by using specially ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-27459

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The webserver of the affected products allows unvalidated files to be uploaded, which an attacker could ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-27457

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected products utilize a weak encryption algorithm for storage of sensitive data, which may allo ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：9 | 回复：0
CVE漏洞

CVE-2020-15522

Bouncy Castle BC Java before 1.66, BC C# .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about t ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-20721

KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-20720

SQL injection vulnerability in the KonaWiki2 versions prior to 2.2.4 allows remote attackers to execute arbitrary SQL commands and to obtain/alter the information stored in the database via unspecifie ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-20719

RFNTPS firmware versions System_01000004 and earlier, and Web_01000004 and earlier allow an attacker on the same network segment to execute arbitrary OS commands with a root privilege via unspecified ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-0077

Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before version 2021.1.1 may allow an authenticated user to potentially enable escalation of privilege via local acce ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-0074

Improper permissions in the installer for the Intel(R) Computing Improvement Program software before version 2.4.5982 may allow an authenticated user to potentially enable escalation of privilege via ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-0073

Insufficient control flow management in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-0067

nbsp;Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-0058

Incorrect default permissions in the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-0057

Uncontrolled search path in the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local acce ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-0056

Insecure inherited permissions for the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via loc ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-0055

Insecure inherited permissions for some Intel(R) NUC 9 Extreme Laptop Kit LAN Drivers before version 10.42 may allow an authenticated user to potentially enable escalation of privilege via local acces ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-0054

Improper buffer restrictions in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-0052

Incorrect default privileges in the Intel(R) Computing Improvement Program before version 2.4.6522 may allow an authenticated user to potentially enable an escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-0051

Improper input validation in the Intel(R) SPS versions before SPS_E5_04.04.04.023.0, SPS_E5_04.04.03.228.0 or SPS_SoC-A_05.00.03.098.0 may allow a privileged user to potentially enable denial of servi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-0001

Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：8 | 回复：0
CVE漏洞

CVE-2020-24489

Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：5 | 回复：0
CVE漏洞

CVE-2020-24475

Improper initialization in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable denia ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：5 | 回复：0
CVE漏洞

CVE-2020-24474

Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：11 | 回复：0
CVE漏洞

CVE-2020-24473

Out of bounds write in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalatio ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-33894

In Progress MOVEit Transfer before 2019.0.6 (11.0.6), 2019.1.x before 2019.1.5 (11.1.5), 2019.2.x before 2019.2.2 (11.2.2), 2020.x before 2020.0.5 (12.0.5), 2020.1.x before 2020.1.4 (12.1.4), and 2021 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-29049

Cross-site scripting (XSS) vulnerability in the Portal Workflow module's edit process page in Liferay DXP 7.0 before fix pack 99, 7.1 before fix pack 23, 7.2 before fix pack 12 and 7.3 before fix ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：14 | 回复：0