• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号
登陆 注册
OStack程序员社区-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2021-28375
    CVE漏洞
    CVE-2021-28375
    An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:54 | 回复:0
  • CVE-2021-28374
    CVE漏洞
    CVE-2021-28374
    The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:48 | 回复:0
  • CVE-2021-28373
    CVE漏洞
    CVE-2021-28373
    The auth_internal plugin in Tiny Tiny RSS (aka tt-rss) before 2021-03-12 allows an attacker to log in via the OTP code without a valid password. NOTE: this issue only affected the git master branch fo ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:68 | 回复:0
  • CVE-2021-28361
    CVE漏洞
    CVE-2021-28361
    An issue was discovered in Storage Performance Development Kit (SPDK) before 20.01.01. If a PDU is sent to the iSCSI target with a zero length (but data is expected), the iSCSI target can crash with a ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:46 | 回复:0
  • CVE-2020-35682
    CVE漏洞
    CVE-2020-35682
    Zoho ManageEngine ServiceDesk Plus before 11134 allows an Authentication Bypass (only during SAML login).……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:61 | 回复:0
  • CVE-2021-20018
    CVE漏洞
    CVE-2021-20018
    A post-authenticated vulnerability in SonicWall SMA100 allows an attacker to export the configuration file to the specified email address. This vulnerability impacts SMA100 version 10.2.0.5 and earlie ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:66 | 回复:0
  • CVE-2021-20017
    CVE漏洞
    CVE-2021-20017
    A post-authenticated command injection vulnerability in SonicWall SMA100 allows an authenticated attacker to execute OS commands as a 'nobody' user. This vulnerability impacts SMA100 version 1 ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:65 | 回复:0
  • CVE-2021-28162
    CVE漏洞
    CVE-2021-28162
    In Eclipse Theia versions up to and including 0.16.0, in the notification messages there is no HTML escaping, so Javascript code can run.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:61 | 回复:0
  • CVE-2021-28161
    CVE漏洞
    CVE-2021-28161
    In Eclipse Theia versions up to and including 1.8.0, in the debug console there is no HTML escaping, so arbitrary Javascript code can be injected.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:62 | 回复:0
  • CVE-2021-28092
    CVE漏洞
    CVE-2021-28092
    The is-svg package 2.1.0 through 4.2.1 for Node.js uses a regular expression that is vulnerable to Regular Expression Denial of Service (ReDoS). If an attacker provides a malicious string, is-svg will ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:69 | 回复:0
  • CVE-2021-27290
    CVE漏洞
    CVE-2021-27290
    ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial o ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:55 | 回复:0
  • CVE-2021-21518
    CVE漏洞
    CVE-2021-21518
    Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x con ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:74 | 回复:0
  • CVE-2021-21726
    CVE漏洞
    CVE-2021-21726
    Some ZTE products have an input verification vulnerability in the diagnostic function interface. Due to insufficient verification of some parameters input by users, an attacker with high privileges ca ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:62 | 回复:0
  • CVE-2021-21085
    CVE漏洞
    CVE-2021-21085
    Adobe Connect version 11.0.7 (and earlier) is affected by an Input Validation vulnerability in the export feature. An attacker could exploit this vulnerability by injecting a payload into an online ev ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:49 | 回复:0
  • CVE-2021-21082
    CVE漏洞
    CVE-2021-21082
    Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:52 | 回复:0
  • CVE-2021-21080
    CVE漏洞
    CVE-2021-21080
    Adobe Connect version 11.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this vulnerability to inject malicious JavaScript content that ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:56 | 回复:0
  • CVE-2021-21079
    CVE漏洞
    CVE-2021-21079
    Adobe Connect version 11.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this vulnerability to inject malicious JavaScript content that ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:51 | 回复:0
  • CVE-2021-21078
    CVE漏洞
    CVE-2021-21078
    Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by an Unquoted Service Path vulnerability in CCXProcess that could allow an attacker to achieve arbitrary code execution ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:67 | 回复:0
  • CVE-2021-21077
    CVE漏洞
    CVE-2021-21077
    Adobe Animate version 21.0.3 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:55 | 回复:0
  • CVE-2021-21076
    CVE漏洞
    CVE-2021-21076
    Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the co ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:70 | 回复:0
  • CVE-2021-21075
    CVE漏洞
    CVE-2021-21075
    Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the co ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:61 | 回复:0
  • CVE-2021-21074
    CVE漏洞
    CVE-2021-21074
    Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the co ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:51 | 回复:0
  • CVE-2021-21073
    CVE漏洞
    CVE-2021-21073
    Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the co ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:73 | 回复:0
  • CVE-2021-21072
    CVE漏洞
    CVE-2021-21072
    Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the co ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:68 | 回复:0
  • CVE-2021-21071
    CVE漏洞
    CVE-2021-21071
    Adobe Animate version 21.0.3 (and earlier) is affected by a Memory Corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the co ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:55 | 回复:0
  • CVE-2021-21069
    CVE漏洞
    CVE-2021-21069
    Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to per ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:52 | 回复:0
  • CVE-2021-21068
    CVE漏洞
    CVE-2021-21068
    Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vulnerability that could allow an attacker to cause arbitrary file overwriting. Exploitation of this i ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:70 | 回复:0
  • CVE-2021-21067
    CVE漏洞
    CVE-2021-21067
    Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulne ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:69 | 回复:0
  • CVE-2021-21056
    CVE漏洞
    CVE-2021-21056
    Adobe Framemaker version 2020.0.1 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:68 | 回复:0
  • CVE-2021-20232
    CVE漏洞
    CVE-2021-20232
    A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:52 | 回复:0
  • CVE-2021-20231
    CVE漏洞
    CVE-2021-20231
    A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:85 | 回复:0
  • CVE-2021-21379
    CVE漏洞
    CVE-2021-21379
    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions of XWiki Platform, the `{{wikimacrocontent}}` executes the content with th ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:59 | 回复:0
  • CVE-2021-21368
    CVE漏洞
    CVE-2021-21368
    msgpack5 is a msgpack v5 implementation for node.js and the browser. In msgpack5 before versions 3.6.1, 4.5.1, and 5.2.1 there is a Prototype Poisoning vulnerability. When msgpack5 decodes a map conta ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:77 | 回复:0
  • CVE-2021-21367
    CVE漏洞
    CVE-2021-21367
    Switchboard Bluetooth Plug for elementary OS from version 2.3.0 and before version version 2.3.5 has an incorrect authorization vulnerability. When the Bluetooth plug is running (in discoverable mode) ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:70 | 回复:0
  • CVE-2021-21366
    CVE漏洞
    CVE-2021-21366
    xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. xmldom versions 0.4.0 and older do not correctly preserve system identifiers, FPIs or namespac ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:61 | 回复:0
  • CVE-2020-4831
    CVE漏洞
    CVE-2020-4831
    IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 189965.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:57 | 回复:0
  • CVE-2021-28302
    CVE漏洞
    CVE-2021-28302
    A stack overflow in pupnp before version 1.14.5 can cause the denial of service through the Parser_parseDocument() function. ixmlNode_free() will release a child node recursively, which will consume s ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:49 | 回复:0
  • CVE-2021-23354
    CVE漏洞
    CVE-2021-23354
    The package printf before 0.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /\%(?:\((+)\)|(\d*)\$)?(*)(\*|\d+)?(\.)?(\*|\d+)??()/g in lib/printf.js. The vulnera ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:63 | 回复:0
  • CVE-2021-28308
    CVE漏洞
    CVE-2021-28308
    An issue was discovered in the fltk crate before 0.15.3 for Rust. There is an out-of bounds read because the pixmap constructor lacks pixmap input validation.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:59 | 回复:0
  • CVE-2021-28307
    CVE漏洞
    CVE-2021-28307
    An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a non-raster image for a window icon.……
    作者:菜鸟教程小白 | 时间:2022-2-5 09:47 | 阅读:73 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap