• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

CVE漏洞

RSS
  • CVE-2020-10137
    CVE-2020-10137
    Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames, allowing a remote, unauthenticated attacker to inject a FIND_NODE ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:10 | 回复:0
  • CVE-2020-29050
    CVE-2020-29050
    SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal (in conjunction with CVE-2019-14511) because the mysql client can be used for CALL SNIPPETS and load_file operations ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:11 | 回复:0
  • CVE-2020-9057
    CVE-2020-9057
    Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not support encryption, allowing an attacker within radio range to take control of or cause a denial of service to a vulnerabl ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:11 | 回复:0
  • CVE-2020-9058
    CVE-2020-9058
    Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 version 3.5, Dome DM501 version 4.26, and Jasco ZW4201 versi ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:10 | 回复:0
  • CVE-2020-9059
    CVE-2020-9059
    Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to uncontrolled resource consumption leading to battery exhaustion. As an example, the Schlage BE468 ve ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:9 | 回复:0
  • CVE-2020-9060
    CVE-2020-9060
    Z-Wave devices based on Silicon Labs 500 series chipsets using S2, including but likely not limited to the ZooZ ZST10 version 6.04, ZooZ ZEN20 version 5.03, ZooZ ZEN25 version 5.03, Aeon Labs ZW090-A ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:9 | 回复:0
  • CVE-2020-9061
    CVE-2020-9061
    Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to the SiLabs UZB-7 version 7.00, ZooZ ZST10 version 6.04, Aeon Labs ZW090-A version 3.95, and Samsung S ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:10 | 回复:0
  • CVE-2021-20046
    CVE-2021-20046
    A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in th ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:9 | 回复:0
  • CVE-2021-20048
    CVE-2021-20048
    A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the fir ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:7 | 回复:0
  • CVE-2021-22060
    CVE-2021-22060
    In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:7 | 回复:0
  • CVE-2021-22569
    CVE-2021-22569
    An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:7 | 回复:0
  • CVE-2021-23173
    CVE-2021-23173
    The affected product is vulnerable to an improper access control, which may allow an authenticated user to gain unauthorized access to sensitive data.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:10 | 回复:0
  • CVE-2021-23543
    CVE-2021-23543
    All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:10 | 回复:0
  • CVE-2021-23568
    CVE-2021-23568
    The package extend2 before 1.0.1 are vulnerable to Prototype Pollution via the extend function due to unsafe recursive merge.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:10 | 回复:0
  • CVE-2021-23594
    CVE-2021-23594
    All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector.……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:59 | 阅读:11 | 回复:0
  • CVE-2021-30278
    CVE-2021-30278
    Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:6 | 回复:0
  • CVE-2021-30279
    CVE-2021-30279
    Possible access control violation while setting current permission for VMIDs due to improper permission masking in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indu ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:9 | 回复:0
  • CVE-2021-30282
    CVE-2021-30282
    Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:6 | 回复:0
  • CVE-2021-30283
    CVE-2021-30283
    Possible denial of service due to improper handling of debug register trap from user applications in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-30289
    CVE-2021-30289
    Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snap ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-30293
    CVE-2021-30293
    Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-30298
    CVE-2021-30298
    Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon I ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-30303
    CVE-2021-30303
    Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Conn ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-30335
    CVE-2021-30335
    Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-30336
    CVE-2021-30336
    Possible out of bound read due to lack of domain input validation while processing APK close session request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-30337
    CVE-2021-30337
    Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consum ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-30348
    CVE-2021-30348
    Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snap ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-30351
    CVE-2021-30351
    An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Co ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-35093
    CVE-2021-35093
    Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service in BlueCore……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-44158
    CVE-2021-44158
    ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code ex ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-45916
    CVE-2021-45916
    The programming function of Shockwall system has an improper input validation vulnerability. An authenticated attacker within the local area network can send malicious response to the server to disrup ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-45917
    CVE-2021-45917
    The server-request receiver function of Shockwall system has an improper authentication vulnerability. An authenticated attacker of an agent computer within the local area network can use the local re ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-24680
    CVE-2021-24680
    The WP Travel Engine WordPress plugin before 5.3.1 does not escape the Description field in the Trip Destination/Activities/Trip Type and Pricing Category pages, allowing users with a role as low as e ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-24786
    CVE-2021-24786
    The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the orderby GET parameter before using it in a SQL statement when viewing the logs, leading to an SQL Injection ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-24828
    CVE-2021-24828
    The Mortgage Calculator / Loan Calculator WordPress plugin before 1.5.17 does not escape the some of the attributes of its mlcalc shortcode before outputting them, which could allow users with a role ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-24831
    CVE-2021-24831
    All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated and authenticated users, allowing unauthenticated attackers to modify various data in the plugin, such a ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-24893
    CVE-2021-24893
    The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the comments section, or pending comment dash ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-24963
    CVE-2021-24963
    The LiteSpeed Cache WordPress plugin before 4.4.4 does not escape the qc_res parameter before outputting it back in the JS code of an admin page, leading to a Reflected Cross-Site Scripting……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-24964
    CVE-2021-24964
    The LiteSpeed Cache WordPress plugin before 4.4.4 does not properly verify that requests are coming from QUIC.cloud servers, allowing attackers to make requests to certain endpoints by using a specifi ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0
  • CVE-2021-24973
    CVE-2021-24973
    The Site Reviews WordPress plugin before 5.17.3 does not sanitise and escape the site-reviews parameter of the glsr_action AJAX action (available to unauthenticated and any authenticated users), allow ...……
    作者:菜鸟教程小白 | 时间:2022-6-22 21:58 | 阅读:5 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap