漏洞 - 第948页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-21160

Heap buffer overflow in WebAudio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-21159

Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-20268

An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-20263

A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU. The new 'xattrmap' option may cause the 'security.capability' xattr in the guest to not drop on file wr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：26 | 回复：0
CVE漏洞

CVE-2021-20262

A flaw was found in Keycloak 12.0.0 where re-authentication does not occur while updating the password. This flaw allows an attacker to take over an account if they can obtain temporary, physical acce ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-20253

A flaw was found in ansible-tower. The default installation is vulnerable to Job Isolation escape allowing an attacker to elevate the privilege from a low privileged user to the awx user from outside ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：23 | 回复：0
CVE漏洞

CVE-2021-20243

A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. T ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-20241

A flaw was found in ImageMagick in coders/jp2.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The high ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：42 | 回复：0
CVE漏洞

CVE-2020-28150

I-Net Software Clear Reports 20.10.136 web application accepts a user-controlled input that specifies a link to an external site, and uses the user supplied data in a Redirect.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：49 | 回复：0
CVE漏洞

CVE-2021-3417

An internal product security audit of LXCO, prior to version 1.2.2, discovered that credentials for Lenovo XClarity Administrator (LXCA), if added as a Resource Manager, are encoded then written to an ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：39 | 回复：0
CVE漏洞

CVE-2020-8357

A denial of service vulnerability was reported in Lenovo PCManager, prior to version 3.0.200.2042, that could allow configuration files to be written to non-standard locations.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：54 | 回复：0
CVE漏洞

CVE-2020-8356

An internal product security audit of LXCO, prior to version 1.2.2, discovered that optional passwords, if specified, for the Syslog and SMTP forwarders are written to an internal LXCO log file in cle ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：38 | 回复：0
CVE漏洞

CVE-2020-35451

There is a race condition in OozieSharelibCLI in Apache Oozie before version 5.2.1 which allows a malicious attacker to replace the files in Oozie's sharelib during it's creation.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：45 | 回复：0
CVE漏洞

CVE-2021-27592

When a user opens manipulated Universal 3D (.U3D) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user unti ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：48 | 回复：0
CVE漏洞

CVE-2021-27591

When a user opens manipulated Portable Document Format (.PDF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-27590

When a user opens manipulated Tag Image File Format (.TIFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily u ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-27589

When a user opens manipulated Scalable Vector Graphics (.SVG) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-27588

When a user opens manipulated HPGL format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user un ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：28 | 回复：0
CVE漏洞

CVE-2021-27587

When a user opens manipulated Jupiter Tessellation (.JT) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unav ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：52 | 回复：0
CVE漏洞

CVE-2021-27586

When a user opens manipulated Interchange File Format (.IFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：55 | 回复：0
CVE漏洞

CVE-2021-27585

When a user opens manipulated Computer Graphics Metafile (.CGM) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporari ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：50 | 回复：0
CVE漏洞

CVE-2021-27584

When a user opens manipulated PhotoShop Document (.PSD) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unava ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-25915

Prototype pollution vulnerability in 'changeset' versions 0.0.1 through 0.2.5 allows an attacker to cause a denial of service and may lead to remote code execution.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：41 | 回复：0
CVE漏洞

CVE-2021-21493

When a user opens manipulated Graphics Interchange Format (.GIF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporar ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：55 | 回复：0
CVE漏洞

CVE-2021-21488

Knowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 allows a remote attacker with basic privileges to deserialize user-controlled data without verification, leading to insecure deserializ ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：59 | 回复：0
CVE漏洞

CVE-2021-21487

SAP Payment Engine version 500, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：59 | 回复：0
CVE漏洞

CVE-2021-21486

SAP Enterprise Financial Services versions, 101, 102, 103, 104, 105, 600, 603, 604, 605, 606, 616, 617, 618, 800, does not perform necessary authorization checks for an authenticated user, resulting i ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-21484

LDAP authentication in SAP HANA Database version 2.0 can be bypassed if the attached LDAP directory server is configured to enable unauthenticated bind.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：48 | 回复：0
CVE漏洞

CVE-2021-21481

The MigrationService, which is part of SAP NetWeaver versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform an authorization check. This might allow an unauthorized attacker to access con ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-21480

SAP MII allows users to create dashboards and save them as JSP through the SSCE (Self Service Composition Environment). An attacker can intercept a request to the server, inject malicious JSP code in ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：45 | 回复：0
CVE漏洞

CVE-2021-20341

IBM Cloud Pak for Multicloud Management Monitoring 2.2 returns potentially sensitive information in headers which could lead to further attacks against the system. IBM X-Force ID: 194513.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：54 | 回复：0
CVE漏洞

CVE-2021-28006

Web Based Quiz System 1.0 is affected by cross-site scripting (XSS) in admin.php through the options parameter.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：51 | 回复：0
CVE漏洞

CVE-2021-20276

A flaw was found in privoxy before 3.0.32. Invalid memory access with an invalid pattern passed to pcre_compile() may lead to denial of service.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-20275

A flaw was found in privoxy before 3.0.32. A invalid read of size two may occur in chunked_body_is_complete() leading to denial of service.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-20274

A flaw was found in privoxy before 3.0.32. A crash may occur due a NULL-pointer dereference when the socks server misbehaves.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：43 | 回复：0
CVE漏洞

CVE-2021-20273

A flaw was found in privoxy before 3.0.32. A crash can occur via a crafted CGI request if Privoxy is toggled off.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-20272

A flaw was found in privoxy before 3.0.32. An assertion failure could be triggered with a crafted CGI request leading to server crash.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：41 | 回复：0
CVE漏洞

CVE-2021-24033

react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a command string to be executed. This function is typically used from react-scripts ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：51 | 回复：0
CVE漏洞

CVE-2021-21361

The `com.bmuschko:gradle-vagrant-plugin` Gradle plugin contains an information disclosure vulnerability due to the logging of the system environment variables. When this Gradle plugin is executed in p ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：47 | 回复：0
CVE漏洞

CVE-2021-21360

Products.GenericSetup is a mini-framework for expressing the configured state of a Zope Site as a set of filesystem artifacts. In Products.GenericSetup before version 2.1.1 there is an information dis ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:43 | 阅读：50 | 回复：0