• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号
登陆 注册
OStack程序员社区-中国程序员成长平台 门户 漏洞CVE漏洞

CVE漏洞

RSS
  • CVE-2021-43522
    CVE-2021-43522
    An issue was discovered in Insyde InsydeH2O with kernel 5.1 through 2021-11-08, 5.2 through 2021-11-08, and 5.3 through 2021-11-08. A StorageSecurityCommandDxe SMM memory corruption vulnerability allo ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:103 | 回复:0
  • CVE-2022-24069
    CVE-2022-24069
    An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.0 before 05.08.41, 5.1 before 05.16.29, 5.2 before 05.26.29, 5.3 before 05.35.29, 5.4 before 05.43.29, and 5.5 before 05.51.29. ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:193 | 回复:0
  • CVE-2020-5953
    CVE-2020-5953
    A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariabl ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:105 | 回复:0
  • CVE-2021-33625
    CVE-2021-33625
    An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether t ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:61 | 回复:0
  • CVE-2021-33627
    CVE-2021-33627
    An issue was discovered in Insyde InsydeH2O 5.x, affecting FwBlockServiceSmm. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:73 | 回复:0
  • CVE-2021-41837
    CVE-2021-41837
    An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to write ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:48 | 回复:0
  • CVE-2021-41838
    CVE-2021-41838
    An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary co ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:38 | 回复:0
  • CVE-2021-41839
    CVE-2021-41839
    An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to wr ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:41 | 回复:0
  • CVE-2021-41840
    CVE-2021-41840
    An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary c ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:40 | 回复:0
  • CVE-2021-41841
    CVE-2021-41841
    An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:33 | 回复:0
  • CVE-2021-42059
    CVE-2021-42059
    An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.08.41, Kernel 5.1 before 05.16.41, Kernel 5.2 before 05.26.41, Kernel 5.3 before 05.35.41, and Kernel 5.4 before 05.42.20. A stack-base ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:43 | 回复:0
  • CVE-2021-42060
    CVE-2021-42060
    An issue was discovered in Insyde InsydeH2O Kernel 5.0 through 05.08.41, Kernel 5.1 through 05.16.41, Kernel 5.2 before 05.23.22, and Kernel 5.3 before 05.32.22. An Int15ServiceSmm SMM callout vulnera ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:41 | 回复:0
  • CVE-2021-42113
    CVE-2021-42113
    An issue was discovered in StorageSecurityCommandDxe in Insyde InsydeH2O with Kernel 5.1 before 05.14.28, Kernel 5.2 before 05.24.28, and Kernel 5.3 before 05.32.25. An SMM callout vulnerability allow ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:52 | 回复:0
  • CVE-2021-42554
    CVE-2021-42554
    An issue was discovered in Insyde InsydeH2O with Kernel 5.0 before 05.08.42, Kernel 5.1 before 05.16.42, Kernel 5.2 before 05.26.42, Kernel 5.3 before 05.35.42, Kernel 5.4 before 05.42.51, and Kernel ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:39 | 回复:0
  • CVE-2021-43323
    CVE-2021-43323
    An issue was discovered in UsbCoreDxe in Insyde InsydeH2O with kernel 5.5 before 05.51.45, 5.4 before 05.43.45, 5.3 before 05.35.45, 5.2 before 05.26.45, 5.1 before 05.16.45, and 5.0 before 05.08.45. ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:36 | 回复:0
  • CVE-2021-43615
    CVE-2021-43615
    An issue was discovered in HddPassword in Insyde InsydeH2O with kernel 5.1 before 05.16.23, 5.2 before 05.26.23, 5.3 before 05.35.23, 5.4 before 05.43.22, and 5.5 before 05.51.22. An SMM memory corrup ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:42 | 回复:0
  • CVE-2022-22818
    CVE-2022-22818
    The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:30 | 回复:0
  • CVE-2022-23833
    CVE-2022-23833
    An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:32 | 回复:0
  • CVE-2022-24030
    CVE-2022-24030
    An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 through 5.5. An SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploiting ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:38 | 回复:0
  • CVE-2022-24031
    CVE-2022-24031
    An issue was discovered in NvmExpressDxe in Insyde InsydeH2O with kernel 5.1 through 5.5. An SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploit ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:33 | 回复:0
  • CVE-2022-23357
    CVE-2022-23357
    mozilo2.0 was discovered to be vulnerable to directory traversal attacks via the parameter curent_dir.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:40 | 回复:0
  • CVE-2022-23871
    CVE-2022-23871
    Multiple cross-site scripting (XSS) vulnerabilities in the component outcomes_addProcess.php of Gibbon CMS v22.0.01 allow attackers to execute arbitrary web scripts or HTML via a crafted payload inste ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:32 | 回复:0
  • CVE-2022-23873
    CVE-2022-23873
    Victor CMS v1.0 was discovered to contain a SQL injection vulnerability that allows attackers to inject arbitrary commands via 'user_firstname' parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:39 | 回复:0
  • CVE-2022-24121
    CVE-2022-24121
    SQL Injection vulnerability discovered in Unified Office Total Connect Now that would allow an attacker to extract sensitive information through a cookie parameter.……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:29 | 回复:0
  • CVE-2022-21726
    CVE-2022-21726
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `Dequantize` does not fully validate the value of `axis` and can result in heap OOB accesses. The `axis` argument can be ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:38 | 回复:0
  • CVE-2022-21727
    CVE-2022-21727
    Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulnerable to an integer overflow weakness. The `axis` argument can be `-1` (the defa ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:24 | 回复:0
  • CVE-2022-21728
    CVE-2022-21728
    Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `ReverseSequence` does not fully validate the value of `batch_dim` and can result in a heap OOB read. ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:32 | 回复:0
  • CVE-2022-21730
    CVE-2022-21730
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `FractionalAvgPoolGrad` does not consider cases where the input tensors are invalid allowing an attacker to read from out ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:42 | 回复:0
  • CVE-2022-21731
    CVE-2022-21731
    Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `ConcatV2` can be used to trigger a denial of service attack via a segfault caused by a type confusio ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:34 | 回复:0
  • CVE-2022-21732
    CVE-2022-21732
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `ThreadPoolHandle` can be used to trigger a denial of service attack by allocating too much memory. This is because the ` ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:36 | 回复:0
  • CVE-2022-21733
    CVE-2022-21733
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `StringNGrams` can be used to trigger a denial of service attack by causing an out of memory condition after an integer o ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:36 | 回复:0
  • CVE-2022-21736
    CVE-2022-21736
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseTensorSliceDataset` has an undefined behavior: under certain condition it can be made to dereference a `nullptr` v ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:24 | 回复:0
  • CVE-2022-23567
    CVE-2022-23567
    Tensorflow is an Open Source Machine Learning Framework. The implementations of `Sparse*Cwise*` ops are vulnerable to integer overflows. These can be used to trigger large allocations (so, OOM based d ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:20 | 回复:0
  • CVE-2022-23568
    CVE-2022-23568
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `AddManySparseToTensorsMap` is vulnerable to an integer overflow which results in a `CHECK`-fail when building new `Tenso ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:16 | 回复:0
  • CVE-2022-21725
    CVE-2022-21725
    Tensorflow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride a ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:19 | 回复:0
  • CVE-2022-21729
    CVE-2022-21729
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `UnravelIndex` is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorF ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:18 | 回复:0
  • CVE-2022-21734
    CVE-2022-21734
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `MapStage` is vulnerable a `CHECK`-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:18 | 回复:0
  • CVE-2022-21735
    CVE-2022-21735
    Tensorflow is an Open Source Machine Learning Framework. The implementation of `FractionalMaxPool` can be made to crash a TensorFlow process via a division by 0. The fix will be included in TensorFlow ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:19 | 回复:0
  • CVE-2022-23569
    CVE-2022-23569
    Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via `CHECK`-fails (i.e., assertion failures). This is similar to T ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:18 | 回复:0
  • CVE-2021-44866
    CVE-2021-44866
    An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not perform input validation on the 'id' paramter. An attacker can append SQL queries to the input to ...……
    作者:菜鸟教程小白 | 时间:2022-6-23 08:26 | 阅读:17 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap