漏洞 - 第941页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-21008

Adobe Animate version 21.0 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：37 | 回复：0
CVE漏洞

CVE-2021-21007

Adobe Illustrator version 25.0 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：43 | 回复：0
CVE漏洞

CVE-2021-21006

Adobe Photoshop version 22.1 (and earlier) is affected by a heap buffer overflow vulnerability when handling a specially crafted font file. Successful exploitation could lead to arbitrary code executi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：48 | 回复：0
CVE漏洞

CVE-2020-9209

There is a privilege escalation vulnerability in SMC2.0 product. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this vu ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：47 | 回复：0
CVE漏洞

CVE-2020-1866

There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：64 | 回复：0
CVE漏洞

CVE-2020-1865

There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could se ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：40 | 回复：0
CVE漏洞

CVE-2020-14102

There is command injection when ddns processes the hostname, which causes the administrator user to obtain the root privilege of the router. This affects Xiaomi router AX1800rom version 1.0.336 and X ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：31 | 回复：0
CVE漏洞

CVE-2020-14101

The data collection SDK of the router web management interface caused the leakage of the token. This affects Xiaomi router AX1800rom version 1.0.336 and Xiaomi route RM1800 root version 1.0.26.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：52 | 回复：0
CVE漏洞

CVE-2020-14098

The login verification can be bypassed by using the problem that the time is not synchronized after the router restarts. This affects Xiaomi router AX1800rom version 1.0.336 and Xiaomi route RM1800 r ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：35 | 回复：0
CVE漏洞

CVE-2020-14097

Wrong nginx configuration, causing specific paths to be downloaded without authorization. This affects Xiaomi router AX6 ROM version 1.0.18.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：44 | 回复：0
CVE漏洞

CVE-2013-1053

In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and passwords is insecure. An attacker could use this vulnerability to recover usernames and passwords from the ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-1360

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-1311

A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to take over the host role during a meeting. This ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-1310

A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page, bypassing the warning mechani ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-1307

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：40 | 回复：0
CVE漏洞

CVE-2021-1267

A vulnerability in the dashboard widget of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected de ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-1258

A vulnerability in the upgrade component of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker with low privileges to read arbitrary files on the underlying operating ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：40 | 回复：0
CVE漏洞

CVE-2021-1246

Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack and obtain potentially co ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：41 | 回复：0
CVE漏洞

CVE-2021-1245

Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack and obtain potentially co ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-1242

A vulnerability in Cisco Webex Teams could allow an unauthenticated, remote attacker to manipulate file names within the messaging interface. The vulnerability exists because the affected software mis ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：56 | 回复：0
CVE漏洞

CVE-2021-1240

A vulnerability in the loading process of specific DLLs in Cisco Proximity Desktop for Windows could allow an authenticated, local attacker to load a malicious library. To exploit this vulnerability, ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-0398

In bindServiceLocked of ActiveServices.java, there is a possible foreground service launch due to a confused deputy. This could lead to local escalation of privilege with User execution privileges nee ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：52 | 回复：0
CVE漏洞

CVE-2021-0397

In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User inte ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：68 | 回复：0
CVE漏洞

CVE-2021-0396

In Builtins::Generate_ArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code executio ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：68 | 回复：0
CVE漏洞

CVE-2021-0395

In StopServicesAndLogViolations of reboot.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges nee ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：66 | 回复：0
CVE漏洞

CVE-2021-0394

In android_os_Parcel_readString8 of android_os_Parcel.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional exec ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：67 | 回复：0
CVE漏洞

CVE-2021-0393

In Scanner::LiteralBuffer::NewCapacity of scanner.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if an attacker can supply a malicious ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：51 | 回复：0
CVE漏洞

CVE-2021-0392

In main of main.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：54 | 回复：0
CVE漏洞

CVE-2021-0391

In onCreate() of ChooseTypeAndAccountActivity.java, there is a possible way to learn the existence of an account, without permissions, due to a tapjacking/overlay attack. This could lead to local esca ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：78 | 回复：0
CVE漏洞

CVE-2021-0390

In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of suggested networks due to a missing permission check. This could lead to local escalation of privilege by ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：64 | 回复：0
CVE漏洞

CVE-2021-0378

In getNbits of pvmp3_getbits.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：74 | 回复：0
CVE漏洞

CVE-2021-0377

In DeltaPerformer::Write of delta_performer.cc, there is a possible use of untrusted input due to improper input validation. This could lead to a local bypass of defense in depth protections with no a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：58 | 回复：0
CVE漏洞

CVE-2021-0376

In checkUriPermission and related functions of MediaProvider.java, there is a possible way to access external files due to a permissions bypass. This could lead to local escalation of privilege with n ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：62 | 回复：0
CVE漏洞

CVE-2021-0375

In onPackageModified of VoiceInteractionManagerService.java, there is a possible change of default applications due to an insecure default value. This could lead to local escalation of privilege with ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：56 | 回复：0
CVE漏洞

CVE-2021-0374

In BnAudioPolicyService::onTransact of IAudioPolicyService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execut ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：49 | 回复：0
CVE漏洞

CVE-2021-0372

In getMediaOutputSliceAction of RemoteMediaSlice.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privil ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：59 | 回复：0
CVE漏洞

CVE-2021-0371

In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges ne ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：77 | 回复：0
CVE漏洞

CVE-2021-0370

In Write of NxpMfcReader.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC server with System execution privileges ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：81 | 回复：0
CVE漏洞

CVE-2021-0369

In CrossProfileAppsServiceImpl.java, there is the possibility of an application's INTERACT_ACROSS_PROFILES grant state not displaying properly in the setting UI due to a logic error in the code. T ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：93 | 回复：0
CVE漏洞

CVE-2021-0368

In oggpack_look of bitwise.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. Use ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:44 | 阅读：72 | 回复：0