漏洞 - 第789页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-27635

SAP NetWeaver AS for JAVA, versions - 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker authenticated as an administrator to connect over a network and submit a specially crafted XML file in the applic ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-27634

SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-27633

SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-27632

SAP NetWeaver ABAP Server and ABAP Platform (Enqueue Server), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-27631

SAP NetWeaver ABAP Server and ABAP Platform (Enqueue Server), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-27630

SAP NetWeaver ABAP Server and ABAP Platform (Enqueue Server), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-27629

SAP NetWeaver ABAP Server and ABAP Platform (Enqueue Server), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：5 | 回复：0
CVE漏洞

CVE-2021-27628

SAP NetWeaver ABAP Server and ABAP Platform (Dispatcher), versions - KRNL32NUC - 7.22,7.22EXT, KRNL32UC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERN ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-27627

SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-27626

SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-27625

SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-27624

SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-27623

SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-27622

SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-27621

Information Disclosure vulnerability in UserAdmin application in SAP NetWeaver Application Server for Java, versions - 7.11,7.20,7.30,7.31,7.40 and 7.50 allows attackers to access restricted informati ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-27620

SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-27615

SAP Manufacturing Execution versions - 15.1, 1.5.2, 15.3, 15.4, does not contain some HTTP security headers in their HTTP response. The lack of these headers in response can be exploited by the attack ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-27607

SAP NetWeaver ABAP Server and ABAP Platform (Dispatcher), versions - KRNL32NUC - 7.22,7.22EXT, KRNL32UC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERN ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-27606

SAP NetWeaver ABAP Server and ABAP Platform (Enqueue Server), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：7 | 回复：0
CVE漏洞

CVE-2021-27597

SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：6 | 回复：0
CVE漏洞

CVE-2021-21490

SAP NetWeaver AS for ABAP (Web Survey), versions - 700, 702, 710, 711, 730, 731, 750, 750, 752, 75A, 75F, does not sufficiently encode input and output parameters which results in reflected cross site ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：8 | 回复：0
CVE漏洞

CVE-2021-21473

SAP NetWeaver AS ABAP and ABAP Platform, versions - 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, contains function module SRM_RFC_SUBMIT_REPORT which fails to validate authorizatio ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-33668

Due to improper input sanitization, specially crafted LDAP queries can be injected by an unauthenticated user. This could partially impact the confidentiality of the application.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：11 | 回复：0
CVE漏洞

CVE-2021-3533

A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory. When this occurs, there is a race condition on the managed machine. A malicious, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-3532

A flaw was found in Ansible where the secret information present in async_files are getting disclosed when the user changes the jobdir to a world readable directory. Any secret information in an async ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-34370

** DISPUTED ** Accela Civic Platform through 20.1 allows ssoAdapter/logoutAction.do successURL XSS. NOTE: the vendor states there are configurable security flags and we are unable to reproduce them wi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-34369

** DISPUTED ** portlets/contact/ref/refContactDetail.do in Accela Civic Platform through 20.1 allows remote attackers to obtain sensitive information via a modified contactSeqNumber value. NOTE: the v ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-33842

Improper Authentication vulnerability in the cookie parameter of Circutor SGE-PLC1000 firmware version 0.9.2b allows an attacker to perform operations as an authenticated user. In order to exploit thi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-33841

SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-33829

A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted c ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-26314

Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-26313

Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrec ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-34364

The Refined GitHub browser extension before 21.6.8 might allow XSS via a link in a document. NOTE: github.com sends Content-Security-Policy headers to, in general, address XSS and other concerns.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-1937

Reachable assertion is possible while processing peer association WLAN message from host and nonstandard incoming packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Con ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：10 | 回复：0
CVE漏洞

CVE-2021-1900

Possible use after free in Display due to race condition while creating an external display in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：14 | 回复：0
CVE漏洞

CVE-2020-11306

Possible integer overflow in RPMB counter due to lack of length check on user provided data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：14 | 回复：0
CVE漏洞

CVE-2020-11304

Possible out of bound read in DRM due to improper buffer length check. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon M ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：13 | 回复：0
CVE漏洞

CVE-2020-11298

While waiting for a response to a callback or listener request, non-secure clients can change permissions to shared memory buffers used by HLOS Invoke Call to secure kernel in Snapdragon Auto, Snapdra ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：19 | 回复：0
CVE漏洞

CVE-2020-11292

Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapd ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：9 | 回复：0
CVE漏洞

CVE-2020-11291

Possible buffer overflow while updating ikev2 parameters for delete payloads received during informational exchange due to lack of check of input validation for certain parameters received from the eP ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:45 | 阅读：17 | 回复：0