CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-24345

In JetBrains IntelliJ IDEA before 2021.2.4, local code execution (without permission from a user) upon opening a project was possible.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：58 | 回复：0
CVE-2022-24346

In JetBrains IntelliJ IDEA before 2021.3.1, local code execution via RLO (Right-to-Left Override) characters was possible.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：44 | 回复：0
CVE-2022-24347

JetBrains YouTrack before 2021.4.36872 was vulnerable to stored XSS via a project icon.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：21 | 回复：0
CVE-2021-38993

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the smbcd daemon to cause a denial of service. IBM X-Force ID: 212962.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：30 | 回复：0
CVE-2021-22319

There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause integer overflows.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：34 | 回复：0
CVE-2021-22394

There is a buffer overflow vulnerability in smartphones. Successful exploitation of this vulnerability may cause DoS of the apps during Multi-Screen Collaboration.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：36 | 回复：0
CVE-2021-22395

There is a code injection vulnerability in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：15 | 回复：0
CVE-2021-22426

There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：13 | 回复：0
CVE-2021-22429

There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：13 | 回复：0
CVE-2021-22430

There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：16 | 回复：0
CVE-2021-22431

There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：13 | 回复：0
CVE-2021-22432

There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：14 | 回复：0
CVE-2021-22433

There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：17 | 回复：0
CVE-2021-22434

There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：16 | 回复：0
CVE-2021-22437

There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address access.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：17 | 回复：0
CVE-2021-22441

Some Huawei products have an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：22 | 回复：0
CVE-2021-22448

There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause unauthorized read and write of some files.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：22 | 回复：0
CVE-2021-22478

The interface of a certain HarmonyOS module has a UAF vulnerability. Successful exploitation of this vulnerability may lead to information leakage.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：32 | 回复：0
CVE-2021-22479

The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：21 | 回复：0
CVE-2021-22480

The interface of a certain HarmonyOS module has an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to heap memory overflow.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：28 | 回复：0
CVE-2021-22489

There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service availability.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：28 | 回复：0
CVE-2021-26617

This issues due to insufficient verification of the various input values from user’s input. The vulnerability allows remote attackers to execute malicious code in Firstmall via navercheckout_add func ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：26 | 回复：0
CVE-2021-37027

There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service integrity.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：33 | 回复：0
CVE-2021-37103

There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：27 | 回复：0
CVE-2021-37504

A cross-site scripting (XSS) vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript pay ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：26 | 回复：0
CVE-2021-40043

The laser command injection vulnerability exists on AIS-BW80H-00 versions earlier than AIS-BW80H-00 9.0.3.4(H100SP13C00). The devices cannot effectively defend against external malicious interference. ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：18 | 回复：0
CVE-2021-40046

PCManager versions 11.1.1.95 has a privilege escalation vulnerability. Successful exploit could allow the attacker to access certain resource beyond its privilege.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：20 | 回复：0
CVE-2021-42244

A cross-site scripting (XSS) vulnerability in PaquitoSoftware Notimoo v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted title or message in a notification.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：20 | 回复：0
CVE-2022-0615

Use-after-free in eset_rtp kernel module used in ESET products for Linux allows potential attacker to trigger denial-of-service condition on the system.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：21 | 回复：0
CVE-2022-0655

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：20 | 回复：0
CVE-2022-21209

The affected product is vulnerable to an out-of-bounds read while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：22 | 回复：0
CVE-2022-21798

The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：23 | 回复：0
CVE-2022-23921

Exploitation of this vulnerability may result in local privilege escalation and code execution. GE maintains exploitation of this vulnerability is only possible if the attacker has login access to a m ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：21 | 回复：0
CVE-2022-23985

The affected product is vulnerable to an out-of-bounds write while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：20 | 回复：0
CVE-2022-25019

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-38602. Reason: This candidate is a reservation duplicate of CVE-2021-38602. Notes: All CVE users should reference CVE-2021-38602 ins ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：21 | 回复：0
CVE-2022-25170

The affected product is vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：21 | 回复：0
CVE-2021-23495

The package karma before 6.3.16 are vulnerable to Open Redirect due to missing validation of the return_url query parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：24 | 回复：0
CVE-2021-42952

Zepl Notebooks before 2021-10-25 are affected by a sandbox escape vulnerability. Upon launching Remote Code Execution from the Notebook, users can then use that to subsequently escape the running cont ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：27 | 回复：0
CVE-2021-44132

A command injection vulnerability in the function formImportOMCIShell of C-DATA ONU4FERW V2.1.13_X139 allows attackers to execute arbitrary commands via a crafted file.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：22 | 回复：0
CVE-2022-24442

JetBrains YouTrack before 2021.4.40426 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：24 | 回复：0