CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-34341

Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：123 | 回复：0
CVE-2021-34342

Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which causes a huge information leak.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：75 | 回复：0
CVE-2021-35251

Sensitive information could be displayed when a detailed technical error message is posted. This information could disclose environmental details about the Web Help Desk installation.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：75 | 回复：0
CVE-2021-3558

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：60 | 回复：0
CVE-2021-3660

Cockpit (and its plugins) do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an iFrame HTML entry. This may be used b ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：50 | 回复：0
CVE-2021-3698

A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). This flaw allows client certificates to ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：47 | 回复：0
CVE-2021-3732

A security issue was found in Linux kernel’s OverlayFS subsystem where a local attacker who has the ability to mount the TmpFS filesystem with OverlayFS can abuse a logic bug in the overlayfs code wh ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：41 | 回复：0
CVE-2021-3733

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expre ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：42 | 回复：0
CVE-2021-3739

A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attac ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：53 | 回复：0
CVE-2021-3981

A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low sever ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：50 | 回复：0
CVE-2021-40047

There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：53 | 回复：0
CVE-2021-40048

There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：49 | 回复：0
CVE-2021-40049

There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：40 | 回复：0
CVE-2021-40050

There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：38 | 回复：0
CVE-2021-40051

There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：37 | 回复：0
CVE-2021-40052

There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：31 | 回复：0
CVE-2021-40053

There is a permission control vulnerability in the Nearby module. Successful exploitation of this vulnerability will affect availability and integrity.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：31 | 回复：0
CVE-2021-40054

There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：32 | 回复：0
CVE-2021-40055

There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：37 | 回复：0
CVE-2021-40056

There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：39 | 回复：0
CVE-2021-40057

There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：35 | 回复：0
CVE-2021-40058

There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：42 | 回复：0
CVE-2021-40060

There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:50 | 阅读：44 | 回复：0
CVE-2022-23956

Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：104 | 回复：0
CVE-2021-41001

An authenticated remote code execution vulnerability was discovered in the AOS-CX Network Analytics Engine (NAE) in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Ar ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：130 | 回复：0
CVE-2021-41003

Multiple unauthenticated command injection vulnerabilities were discovered in the AOS-CX API interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 S ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：102 | 回复：0
CVE-2021-45074

JFrog Artifactory before 7.29.3 and 6.23.38, is vulnerable to Broken Access Control, a low-privileged user is able to delete other known users OAuth token, which will force a reauthentication on an ac ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：101 | 回复：0
CVE-2021-46270

JFrog Artifactory before 7.31.10, is vulnerable to Broken Access Control where a project admin user is able to list all available repository names due to insufficient permission validation.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：107 | 回复：0
CVE-2022-0711

A flaw was found in the way HAProxy processed HTTP responses containing the Set-Cookie2 header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：101 | 回复：0
CVE-2022-23954

Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：132 | 回复：0
CVE-2022-23955

Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：251 | 回复：0
CVE-2022-23957

Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：144 | 回复：0
CVE-2022-23958

Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：114 | 回复：0
CVE-2021-23180

A flaw was found in htmldoc in v1.9.12 and before. Null pointer dereference in file_extension(),in file.c may lead to execute arbitrary code and denial of service.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：101 | 回复：0
CVE-2021-23191

A security issue was found in htmldoc v1.9.12 and before. A NULL pointer dereference in the function image_load_jpeg() in image.cxx may result in denial of service.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：102 | 回复：0
CVE-2021-23192

A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their o ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：86 | 回复：0
CVE-2021-23206

A flaw was found in htmldoc in v1.9.12 and prior. A stack buffer overflow in parse_table() in ps-pdf.cxx may lead to execute arbitrary code and denial of service.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：61 | 回复：0
CVE-2021-23222

A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：62 | 回复：0
CVE-2021-38266

The Portal Security module in Liferay Portal 7.2.1 and earlier, and Liferay DXP 7.0 before fix pack 90, 7.1 before fix pack 17 and 7.2 before fix pack 5 does not correctly import users from LDAP, whic ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：71 | 回复：0
CVE-2021-3623

A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:49 | 阅读：73 | 回复：0