漏洞 - 第807页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-1563

Multiple vulnerabilities in the implementation of the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticat ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：13 | 回复：0
CVE漏洞

CVE-2021-1544

A vulnerability in logging mechanisms of Cisco Webex Meetings client software could allow an authenticated, local attacker to gain access to sensitive information. This vulnerability is due to unsafe ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：9 | 回复：0
CVE漏洞

CVE-2021-1540

Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI comma ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：14 | 回复：0
CVE漏洞

CVE-2021-1539

Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI comma ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：17 | 回复：0
CVE漏洞

CVE-2021-1538

A vulnerability in the configuration dashboard of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to execute arbitrary code. This vulnerability is due to ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-1537

A vulnerability in the installer software of Cisco ThousandEyes Recorder could allow an unauthenticated, local attacker to access sensitive information that is contained in the ThousandEyes Recorder i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：20 | 回复：0
CVE漏洞

CVE-2021-1536

A vulnerability in Cisco Webex Meetings Desktop App for Windows, Cisco Webex Meetings Server, Cisco Webex Network Recording Player for Windows, and Cisco Webex Teams for Windows could allow an authent ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-1528

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected softw ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-1527

A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to cause the affected software to terminate or to gain access to memory state information that is related to the vul ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-1526

A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. This vulnerability is due to insufficient validation of values in W ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-1525

A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to redirect users to a malicious file. This vulnerability is due to improper val ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-1517

A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. This vulnerabilit ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-1503

A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. This ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-1502

A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. The ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：20 | 回复：0
CVE漏洞

CVE-2020-36142

BloofoxCMS 0.5.2.1 allows Directory traversal vulnerability by inserting '../' payloads within the 'fileurl' parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：16 | 回复：0
CVE漏洞

CVE-2020-36141

BloofoxCMS 0.5.2.1 allows Unrestricted File Upload vulnerability via bypass MIME Type validation by inserting 'image/jpeg' within the 'Content-Type' header.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：17 | 回复：0
CVE漏洞

CVE-2020-36140

BloofoxCMS 0.5.2.1 allows Cross-Site Request Forgery (CSRF) via 'mode=settingspage=editor', as demonstrated by use of 'mode=settingspage=editor' to change any file content (Locally/Rem ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：14 | 回复：0
CVE漏洞

CVE-2020-36139

BloofoxCMS 0.5.2.1 allows Reflected Cross-Site Scripting (XSS) vulnerability by inserting a XSS payload within the 'fileurl' parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：18 | 回复：0
CVE漏洞

CVE-2021-33054

SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any SAML assertions it receives. Any actor with network access to the deployment could impersonate users when ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：12 | 回复：0
CVE漏洞

CVE-2021-28091

Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-27657

Successful exploitation of this vulnerability could give an authenticated Metasys user an unintended level of access to the server file system, allowing them to access or modify system files by sendin ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-30475

aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：16 | 回复：0
CVE漏洞

CVE-2021-22516

Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager (SAPIM) product, affecting version 2.0.0. The vulnerability could lead to sensitive information being i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：23 | 回复：0
CVE漏洞

CVE-2020-27302

A stack buffer overflow in Realtek RTL8710 (and other Ameba-based devices) can lead to remote code execution via the memcpy function, when an attacker in Wi-Fi range sends a crafted Encrypted GTK valu ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：16 | 回复：0
CVE漏洞

CVE-2020-27301

A stack buffer overflow in Realtek RTL8710 (and other Ameba-based devices) can lead to remote code execution via the AES_UnWRAP function, when an attacker in Wi-Fi range sends a crafted Encrypted GTK ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-3565

A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and r ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：15 | 回复：0
CVE漏洞

CVE-2020-7469

In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 the handler for a routing option caches a pointer into the ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-26994

Clustered Data ONTAP versions prior to 9.7P13 and 9.8P3 are susceptible to a vulnerability which could allow single workloads to cause a Denial of Service (DoS) on a cluster node.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：13 | 回复：0
CVE漏洞

CVE-2020-36382

OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authenticat ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：13 | 回复：0
CVE漏洞

CVE-2020-15077

OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be use ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：21 | 回复：0
CVE漏洞

CVE-2021-3491

The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc/PID/mem. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-3490

The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kerne ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-3489

The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-33840

The server in Luca through 1.1.14 allows remote attackers to cause a denial of service (insertion of many fake records related to COVID-19) because Phone Number data lacks a digital signature.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：42 | 回复：0
CVE漏洞

CVE-2021-33839

Luca through 1.7.4 on Android allows remote attackers to obtain sensitive information about COVID-19 tracking because the QR code of a Public Location can be intentionally confused with the QR code of ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-33838

Luca through 1.7.4 on Android allows remote attackers to obtain sensitive information about COVID-19 tracking because requests related to Check-In State occur shortly after requests for Phone Number R ...……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：28 | 回复：0
CVE漏洞

CVE-2020-36009

OBottle 2.0 in \c\g.php contains an arbitrary file download vulnerability.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：27 | 回复：0
CVE漏洞

CVE-2020-36008

OBottle 2.0 in \c\t.php contains an arbitrary file write vulnerability.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：30 | 回复：0
CVE漏洞

CVE-2020-36007

AppCMS 2.0.101 in /admin/template/tpl_app.php has a cross site scripting attack vulnerability which allows the attacker to obtain sensitive information of other users.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：24 | 回复：0
CVE漏洞

CVE-2020-36006

AppCMS 2.0.101 in /admin/info.php has an arbitrary file deletion vulnerability which allows attackers to delete arbitrary files on the site.……

作者：菜鸟教程小白 | 时间：2022-2-5 10:42 | 阅读：36 | 回复：0