CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-33685

Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：456 | 回复：0
CVE-2022-33686

Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：514 | 回复：0
CVE-2022-33687

Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows local attackers to access IMSI via log.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：471 | 回复：0
CVE-2022-33688

Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：596 | 回复：0
CVE-2022-33689

Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attackers to change preferred network type by unprotected binder call.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：426 | 回复：0
CVE-2022-33690

Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to access arbitrary file.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：968 | 回复：0
CVE-2022-33691

A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：520 | 回复：0
CVE-2022-33692

Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：579 | 回复：0
CVE-2022-33693

Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：656 | 回复：0
CVE-2022-33694

Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：775 | 回复：0
CVE-2022-33695

Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows unauthorized access to the service.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：728 | 回复：0
CVE-2022-33696

Exposure of Sensitive Information in Telephony service prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：480 | 回复：0
CVE-2022-33697

Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：594 | 回复：0
CVE-2022-33698

Exposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows local attackers to access ICCID via log.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：474 | 回复：0
CVE-2022-33699

Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：509 | 回复：0
CVE-2022-33700

Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：569 | 回复：0
CVE-2022-33701

Improper access control vulnerability in KnoxCustomManagerService prior to SMR Jul-2022 Release 1 allows attacker to call PowerManaer.goToSleep method which is protected by system permission by sendin ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:12 | 阅读：503 | 回复：0
CVE-2022-1245

A privilege escalation flaw was found in the token exchange feature of keycloak. Missing authorization allows a client application holding a valid access token to exchange tokens for any target client ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：1282 | 回复：0
CVE-2021-41037

In Eclipse p2, installable units are able to alter the Eclipse Platform installation and the local machine via touchpoints during installation. Those touchpoints can, for example, alter the command-li ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：600 | 回复：0
CVE-2022-30852

Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR).……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：541 | 回复：0
CVE-2022-31290

A cross-site scripting (XSS) vulnerability in Known v1.2.2+2020061101 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text fie ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：577 | 回复：0
CVE-2022-32115

An issue in the isSVG() function of Known v1.2.2+2020061101 allows attackers to execute arbitrary code via a crafted SVG file.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：970 | 回复：0
CVE-2022-33011

Known v1.3.1+2020120201 was discovered to allow attackers to perform an account takeover via a host header injection attack.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：1716 | 回复：0
CVE-2022-28623

Security vulnerabilities in HPE IceWall SSO 10.0 certd could be exploited remotely to allow SQL injection or unauthorized data injection. HPE has provided the following updated modules to resolve thes ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：741 | 回复：0
CVE-2022-28624

A potential security vulnerability has been identified in certain HPE FlexNetwork and FlexFabric switch products. The vulnerability could be remotely exploited to allow cross site scripting (XSS). HPE ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：539 | 回复：0
CVE-2022-35406

A URL disclosure issue was discovered in Burp Suite before 2022.6. If a user views a crafted response in the Repeater or Intruder, it may be incorrectly interpreted as a redirect.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：552 | 回复：0
CVE-2022-34160

IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：622 | 回复：0
CVE-2022-34166

IBM CICS TX Standard and Advanced 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：666 | 回复：0
CVE-2022-34167

IBM CICS TX Standard and Advanced 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functio ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：633 | 回复：0
CVE-2022-34306

IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks again ...……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：638 | 回复：0
CVE-2015-0256

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：465 | 回复：0
CVE-2015-0280

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：577 | 回复：0
CVE-2015-0281

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：945 | 回复：0
CVE-2015-1837

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：508 | 回复：0
CVE-2015-1871

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：531 | 回复：0
CVE-2015-2236

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：488 | 回复：0
CVE-2015-2671

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：472 | 回复：0
CVE-2015-3260

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：555 | 回复：0
CVE-2015-3261

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：535 | 回复：0
CVE-2015-3262

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-7-29 17:11 | 阅读：679 | 回复：0