• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

CVE漏洞

RSS
  • CVE-2021-40562
    CVE-2021-40562
    A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:12 | 回复:0
  • CVE-2021-40563
    CVE-2021-40563
    A Segmentation fault exists casued by null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config function in reframe_nalu.c when using mp4box, which causes a denia ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:12 | 回复:0
  • CVE-2021-40564
    CVE-2021-40564
    A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:10 | 回复:0
  • CVE-2021-40565
    CVE-2021-40565
    A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in av_parsers.c when using mp4box, which causes a denial of serv ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:10 | 回复:0
  • CVE-2021-40566
    CVE-2021-40566
    A Segmentation fault casued by heap use after free vulnerability exists in Gpac through 1.0.1 via the mpgviddmx_process function in reframe_mpgvid.c when using mp4box, which causes a denial of service ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:10 | 回复:0
  • CVE-2021-43860
    CVE-2021-43860
    Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app a ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:10 | 回复:0
  • CVE-2022-0196
    CVE-2022-0196
    phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF)……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2022-0197
    CVE-2022-0197
    phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF)……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:9 | 回复:0
  • CVE-2022-0198
    CVE-2022-0198
    corenlp is vulnerable to Improper Restriction of XML External Entity Reference……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:9 | 回复:0
  • CVE-2022-22112
    CVE-2022-22112
    In DayByDay CRM, versions 1.1 through 2.2.1 (latest) suffer from an application-wide Client-Side Template Injection (CSTI). A low privileged attacker can input template injection payloads in the appli ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2022-22113
    CVE-2022-22113
    In DayByDay CRM, versions 2.2.0 through 2.2.1 (latest) are vulnerable to Insufficient Session Expiration. When a password has been changed by the user or by an administrator, a user that was already l ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2021-30285
    CVE-2021-30285
    Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2021-30287
    CVE-2021-30287
    Possible assertion due to improper validation of symbols configured for PDCCH monitoring in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2021-30300
    CVE-2021-30300
    Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Co ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2021-30301
    CVE-2021-30301
    Possible denial of service due to out of memory while processing RRC and NAS OTA message in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2021-30307
    CVE-2021-30307
    Possible denial of service due to improper validation of DNS response when DNS client requests with PTR, NAPTR or SRV query type in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdr ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2021-30308
    CVE-2021-30308
    Possible buffer overflow while printing the HARQ memory partition detail due to improper validation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2021-30311
    CVE-2021-30311
    Possible heap overflow due to lack of index validation before allocating and writing to heap buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdrag ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2021-30313
    CVE-2021-30313
    Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consume ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2021-30314
    CVE-2021-30314
    Lack of validation for third party application accessing the service can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdr ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2021-30319
    CVE-2021-30319
    Possible integer overflow due to improper validation of command length parameters while processing WMI command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Elec ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:9 | 回复:0
  • CVE-2021-30330
    CVE-2021-30330
    Possible null pointer dereference due to improper validation of APE clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:10 | 回复:0
  • CVE-2021-30353
    CVE-2021-30353
    Improper validation of function pointer type with actual function signature can lead to assertion in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon I ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:9 | 回复:0
  • CVE-2021-23514
    CVE-2021-23514
    This affects the package Crow before 0.3+4. It is possible to traverse directories to fetch arbitrary files from the server.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2021-45806
    CVE-2021-45806
    jpress v4.2.0 admin panel provides a function through which attackers can modify the template and inject some malicious code.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:9 | 回复:0
  • CVE-2021-40327
    CVE-2021-40327
    Trusted Firmware-M (TF-M) 1.4.0, when Profile Small is used, has incorrect access control. NSPE can access a secure key (held by the Crypto service) based solely on knowledge of its key ID. For exampl ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:02 | 阅读:8 | 回复:0
  • CVE-2022-0157
    CVE-2022-0157
    phoronix-test-suite is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:01 | 阅读:18 | 回复:0
  • CVE-2022-0158
    CVE-2022-0158
    vim is vulnerable to Heap-based Buffer Overflow……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:01 | 阅读:14 | 回复:0
  • CVE-2022-22114
    CVE-2022-22114
    In Teedy, versions v1.5 through v1.9 are vulnerable to Reflected Cross-Site Scripting (XSS). The “search term search functionality is not sufficiently sanitized while displaying the results of the se ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:01 | 阅读:14 | 回复:0
  • CVE-2022-22115
    CVE-2022-22115
    In Teedy, versions v1.5 through v1.9 are vulnerable to Stored Cross-Site Scripting (XSS) in the name of a created Tag. Since the Tag name is not being sanitized properly in the edit tag page, a low pr ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:01 | 阅读:16 | 回复:0
  • CVE-2022-22116
    CVE-2022-22116
    In Directus, versions 9.0.0-alpha.4 through 9.4.1 are vulnerable to stored Cross-Site Scripting (XSS) vulnerability via SVG file upload in media upload functionality. A low privileged attacker can inj ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:01 | 阅读:17 | 回复:0
  • CVE-2022-22117
    CVE-2022-22117
    In Directus, versions 9.0.0-alpha.4 through 9.4.1 allow unrestricted file upload of .html files in the media upload functionality, which leads to Cross-Site Scripting vulnerability. A low privileged a ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:01 | 阅读:17 | 回复:0
  • CVE-2022-22120
    CVE-2022-22120
    In NocoDB, versions 0.9 to 0.83.8 are vulnerable to Observable Discrepancy in the password-reset feature. When requesting a password reset for a given email address, the application displays an error ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:01 | 阅读:15 | 回复:0
  • CVE-2022-22121
    CVE-2022-22121
    In NocoDB, versions 0.81.0 through 0.83.8 are affected by CSV Injection vulnerability (Formula Injection). A low privileged attacker can create a new table to inject payloads in the table rows. When a ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:01 | 阅读:17 | 回复:0
  • CVE-2020-28679
    CVE-2020-28679
    A vulnerability in the showReports module of Zoho ManageEngine Applications Manager before build 14550 allows authenticated attackers to execute a SQL injection via a crafted request.……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:01 | 阅读:16 | 回复:0
  • CVE-2022-0174
    CVE-2022-0174
    dolibarr is vulnerable to Business Logic Errors……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:01 | 阅读:19 | 回复:0
  • CVE-2021-21408
    CVE-2021-21408
    Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.43 and 4.0.3, template authors could run restricted static php ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:01 | 阅读:21 | 回复:0
  • CVE-2021-29454
    CVE-2021-29454
    Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.42 and 4.0.2, template authors could run arbitrary PHP code by ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:01 | 阅读:24 | 回复:0
  • CVE-2022-0155
    CVE-2022-0155
    follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:01 | 阅读:22 | 回复:0
  • CVE-2022-21666
    CVE-2022-21666
    Useful Simple Open-Source CMS (USOC) is a content management system (CMS) for programmers. Versions prior to Pb2.4Bfx3 allowed Sql injection in usersearch.php only for users with administrative privil ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 22:01 | 阅读:24 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap