漏洞 - 第965页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-26956

An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because bytes from an X server can be interpreted as any data type returned by xcb::xproto::GetProper ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-26955

An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because xcb::xproto::GetAtomNameReply::name() calls std::str::from_utf8_unchecked() on unvalidated by ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-26954

An issue was discovered in the qwutils crate before 0.3.1 for Rust. When a Clone panic occurs, insert_slice_clone can perform a double drop.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：42 | 回复：0
CVE漏洞

CVE-2021-26953

An issue was discovered in the postscript crate before 0.14.0 for Rust. It might allow attackers to obtain sensitive information from uninitialized memory locations via a user-provided Read implementa ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-26952

An issue was discovered in the ms3d crate before 0.1.3 for Rust. It might allow attackers to obtain sensitive information from uninitialized memory locations via IoReader::read.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-26951

An issue was discovered in the calamine crate before 0.17.0 for Rust. It allows attackers to overwrite heap-memory locations because Vec::set_len is used without proper memory claiming, and this unini ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：45 | 回复：0
CVE漏洞

CVE-2021-21502

Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a use of SSH key past account expiration vulnerability. A user on the network with the ISI_PRIV_AUTH_SSH RBAC privilege that has an expired accoun ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-35125

A cross-site scripting (XSS) vulnerability in the forms component of Mautic before 3.2.4 allows remote attackers to inject executable JavaScript via mautic (a different attack method than CVE-2020-351 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：29 | 回复：0
CVE漏洞

CVE-2020-26196

Dell EMC PowerScale OneFS versions 8.1.0-9.1.0 contain a Backup/Restore Privilege implementation issue. A user with the BackupAdmin role may potentially exploit this vulnerability resulting in the abi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：26 | 回复：0
CVE漏洞

CVE-2020-26195

Dell EMC PowerScale OneFS versions 8.1.2 – 9.1.0 contain an issue where the OneFS SMB directory auto-create may erroneously create a directory for a user. A remote unauthenticated attacker may take a ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：22 | 回复：0
CVE漏洞

CVE-2020-26194

Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for a Critical Resource vulnerability. This may allow a non-admin user with either ISI_PRIV_LOGIN_CONSOLE ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：28 | 回复：0
CVE漏洞

CVE-2020-26193

Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISI_PRIV_CLUSTER privilege may exploit this vulnerability, leading to the execution ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：27 | 回复：0
CVE漏洞

CVE-2020-26192

Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A non-admin user with either ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH may potentially exploit this vu ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：28 | 回复：0
CVE漏洞

CVE-2020-26191

Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain a privilege escalation vulnerability. A user with ISI_PRIV_JOB_ENGINE may use the PermissionRepair job to grant themselves the highest level of ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-21479

In SCIMono before 0.0.19, it is possible for an attacker to inject and execute java expression compromising the availability and integrity of the system.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-21478

SAP Web Dynpro ABAP allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：22 | 回复：0
CVE漏洞

CVE-2021-21477

SAP Commerce Cloud, versions - 1808,1811,1905,2005,2011, enables certain users with required privileges to edit drools rules, an authenticated attacker with this privilege will be able to inject malic ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：19 | 回复：0
CVE漏洞

CVE-2021-21476

SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allows an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-21475

Under specific circumstances SAP Master Data Management, versions - 710, 710.750, allows an unauthorized attacker to exploit insufficient validation of path information provided by users, thus charact ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：37 | 回复：0
CVE漏洞

CVE-2021-21474

SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who manages to obtain an MD5-digest signed SAML Assertion issued for an SAP HANA instance might be able to tamp ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：42 | 回复：0
CVE漏洞

CVE-2021-21472

SAP Software Provisioning Manager 1.0 (SAP NetWeaver Master Data Management Server 7.1) does not have an option to set password during its installation, this allows an authenticated attacker to perfor ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：59 | 回复：0
CVE漏洞

CVE-2021-21444

SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably treated by all user agents. This could ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：35 | 回复：0
CVE漏洞

CVE-2020-14343

A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-26937

encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 c ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-26551

An issue was discovered in SmartFoxServer 2.17.0. An attacker can execute arbitrary Python code, and bypass the javashell.py protection mechanism, by creating /config/ConsoleModuleUnlock.txt and editi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-26550

An issue was discovered in SmartFoxServer 2.17.0. Cleartext password disclosure can occur via /config/server.xml.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-26549

An XSS issue was discovered in SmartFoxServer 2.17.0. Input passed to the AdminTool console is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：39 | 回复：0
CVE漏洞

CVE-2020-22839

Reflected cross-site scripting vulnerability (XSS) in the evoadm.php file in b2evolution cms version 6.11.6-stable allows remote attackers to inject arbitrary webscript or HTML code via the tab3 param ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：40 | 回复：0
CVE漏洞

CVE-2021-3191

Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows Remote Unauthorized Access for T0320L01^ABY and T0320L01^ACD, T0952L01^AAR through T0952L01^AAX, and T0986L01^AAD through T0 ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-22267

Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay attack for T0320L01^ABP through T0320L01^ABZ, T0952L01^AAH through T0952L01^AAR, T0986L01 through T0986L01^A ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：32 | 回复：0
CVE漏洞

CVE-2020-28645

Deleting users with certain names caused system files to be deleted. Risk is higher for systems which allow users to register themselves and have the data directory in the web root. This affects ownCl ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：21 | 回复：0
CVE漏洞

CVE-2020-28644

The CSRF (Cross Site Request Forgery) token check was improperly implemented on cookie authenticated requests against some ocs API endpoints. This affects ownCloud/core version 10.6.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-1650

Windows Runtime C++ Template Library Elevation of Privilege Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：56 | 回复：0
CVE漏洞

CVE-2021-1649

Active Template Library Elevation of Privilege Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：73 | 回复：0
CVE漏洞

CVE-2021-1648

Microsoft splwow64 Elevation of Privilege Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：48 | 回复：0
CVE漏洞

CVE-2021-1647

Microsoft Defender Remote Code Execution Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：73 | 回复：0
CVE漏洞

CVE-2021-1646

Windows WLAN Service Elevation of Privilege Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：64 | 回复：0
CVE漏洞

CVE-2021-1645

Windows Docker Information Disclosure Vulnerability……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：52 | 回复：0
CVE漏洞

CVE-2021-1644

HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1643.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：55 | 回复：0
CVE漏洞

CVE-2021-1643

HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1644.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:40 | 阅读：64 | 回复：0