CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-45778

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：10 | 回复：0
CVE-2021-45779

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：10 | 回复：0
CVE-2021-45780

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：7 | 回复：0
CVE-2021-45781

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-45782

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-46019

An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-46020

An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application crash.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-46021

An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-46022

An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-46195

GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2022-0130

Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2022-21137

Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific project files, which may allow an attacker to execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2022-22290

Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted HTML page.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2022-22529

SAP Enterprise Threat Detection (ETD) - version 2.0, does not sufficiently encode user-controlled inputs which may lead to an unauthorized attacker possibly exploit XSS vulnerability. The UIs in ETD a ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2022-22530

The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2022-22531

The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-46168

Spin v6.5.1 was discovered to contain an out-of-bounds write in lex() at spinlex.c.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-46169

Modex v2.11 was discovered to contain an Use-After-Free vulnerability via the component tcache.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-46170

An issue was discovered in JerryScript commit a6ab5e9. There is an Use-After-Free in lexer_compare_identifier_to_string in js-lexer.c file.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-46171

Modex v2.11 was discovered to contain a NULL pointer dereference in set_create_id() at xtract.c.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-24044

By passing invalid javascript code where await and yield were called upon non-async and non-generator getter/setter functions, Hermes would invoke generator functions and error out on invalid await/yi ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2022-23094

Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-33963

China Mobile An Lianbao WF-1 v1.0.1 router web interface through /api/ZRMacClone/mac_addr_clone receives parameters by POST request, and the parameter macType has a command injection vulnerability. An ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-44049

CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local user to gain elevated privileges via a Trojan horse Procmon64.exe in the user's Temp directory.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2022-23095

Open Design Alliance Drawings SDK before 2022.12.1 mishandles the loading of JPG files. Unchecked input data from a crafted JPG file leads to memory corruption. An attacker can leverage this vulnerabi ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2022-23178

An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are va ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2020-28919

A stored cross site scripting (XSS) vulnerability in Checkmk 1.6.0x prior to 1.6.0p19 allows an authenticated remote attacker to inject arbitrary JavaScript via a javascript: URL in a view title.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-32545

Pexip Infinity before 26 allows remote denial of service because of missing RTMP input validation.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-33498

Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 1 of 2).……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-33499

Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 2 of 2).……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-35969

Pexip Infinity before 26 allows temporary remote Denial of Service (abort) because of missing call-setup input validation.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：6 | 回复：0
CVE-2021-42555

Pexip Infinity before 26.2 allows temporary remote Denial of Service (abort) because of missing call-setup input validation.……

作者：菜鸟教程小白 | 时间：2022-6-22 22:05 | 阅读：7 | 回复：0
CVE-2021-34945

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：32 | 回复：0
CVE-2021-34946

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：26 | 回复：0
CVE-2021-34977

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7000 1.0.11.116_10.2.100 routers. Authentication is not required to exploit this vul ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：29 | 回复：0
CVE-2021-34978

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. Authentication is not required to exploit this vulnera ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：32 | 回复：0
CVE-2021-34979

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. Authentication is not required to exploit this vulnera ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：37 | 回复：0
CVE-2021-34980

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. Authentication is not required to exploit this vulnera ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：35 | 回复：0
CVE-2021-34984

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley ContextCapture 10.18.0.232. User interaction is required to exploit this vulnerability ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：40 | 回复：0
CVE-2021-34985

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley ContextCapture 10.18.0.232. User interaction is required to exploit this vulnerability ...……

作者：菜鸟教程小白 | 时间：2022-6-22 22:04 | 阅读：39 | 回复：0