漏洞 - 第955页-OStack程序员社区-中国程序员成长平台

OStack程序员社区-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2021-27965

The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOC ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:42 | 阅读：71 | 回复：0
CVE漏洞

CVE-2021-27964

SonLogger before 6.4.1 is affected by Unauthenticated Arbitrary File Upload. An attacker can send a POST request to /Config/SaveUploadedHotspotLogoFile without any authentication or session header. Th ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:42 | 阅读：59 | 回复：0
CVE漏洞

CVE-2021-27963

SonLogger before 6.4.1 is affected by user creation with any user permissions profile (e.g., SuperAdmin). An anonymous user can send a POST request to /User/saveUser without any authentication or sess ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:42 | 阅读：81 | 回复：0
CVE漏洞

CVE-2019-18351

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-18790. Reason: This candidate is a duplicate of CVE-2019-18790. Notes: All CVE users should reference CVE-2019-18790 instead of this ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:42 | 阅读：68 | 回复：0
CVE漏洞

CVE-2021-27314

SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via username parameter at login page.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:42 | 阅读：54 | 回复：0
CVE漏洞

CVE-2019-18630

On Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200, portions of the drive containing executable co ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:42 | 阅读：64 | 回复：0
CVE漏洞

CVE-2021-3404

In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a cr ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:42 | 阅读：71 | 回复：0
CVE漏洞

CVE-2021-3403

In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a c ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:42 | 阅读：66 | 回复：0
CVE漏洞

CVE-2021-25348

Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:42 | 阅读：58 | 回复：0
CVE漏洞

CVE-2021-25347

Hijacking vulnerability in Samsung Email application version prior to SMR Feb-2021 Release 1 allows attackers to intercept when the provider is executed.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:42 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-25346

A possible arbitrary memory overwrite vulnerabilities in quram library version prior to SMR Jan-2021 Release 1 allow arbitrary code execution.……

作者：菜鸟教程小白 | 时间：2022-2-5 09:42 | 阅读：53 | 回复：0
CVE漏洞

CVE-2021-21045

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper access control vulnerability. An unauthentic ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-21044

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a craf ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：43 | 回复：0
CVE漏洞

CVE-2021-21042

Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：39 | 回复：0
CVE漏洞

CVE-2021-21041

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a use-after-free vulnerability. An unauthenticated attac ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：48 | 回复：0
CVE漏洞

CVE-2021-21040

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attac ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-21039

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attac ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-21038

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a craf ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：37 | 回复：0
CVE漏洞

CVE-2021-21037

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Path Traversal vulnerability. An unauthenticated attac ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：52 | 回复：0
CVE漏洞

CVE-2021-21036

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Integer Overflow vulnerability. An unauthenticated at ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-21035

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attac ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：36 | 回复：0
CVE漏洞

CVE-2021-21034

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-21033

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attac ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：38 | 回复：0
CVE漏洞

CVE-2021-21032

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Successful exploitation of this issue could lead to unauthorized access ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：56 | 回复：0
CVE漏洞

CVE-2021-21031

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Successful exploitation could lead to unauthorized access to restricted ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：41 | 回复：0
CVE漏洞

CVE-2021-21030

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting (XSS) in the customer address upload feature. Successful exploitati ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：31 | 回复：0
CVE漏洞

CVE-2021-21029

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a Reflected Cross-site Scripting vulnerability via 'file' parameter. Successful exploitatio ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：32 | 回复：0
CVE漏洞

CVE-2021-21028

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attac ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-21027

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via the GraphQL API. Successful exploitation coul ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：25 | 回复：0
CVE漏洞

CVE-2021-21026

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by an improper authorization vulnerability in the integrations module. Successful exploitation could l ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-21025

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to XML injection in the product layout updates. Successful exploitation could lead to arbitrary code ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：44 | 回复：0
CVE漏洞

CVE-2021-21024

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a blind SQL injection vulnerability in the Search module. Successful exploitation could lead to una ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：41 | 回复：0
CVE漏洞

CVE-2021-21023

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting vulnerability in the admin console. Successful exploitation could l ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：29 | 回复：0
CVE漏洞

CVE-2021-21022

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object reference (IDOR) in the product module. Successful exploitation could l ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：33 | 回复：0
CVE漏洞

CVE-2021-21021

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attac ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：24 | 回复：0
CVE漏洞

CVE-2021-21020

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an access control bypass vulnerability in the Login as Customer module. Successful exploitation c ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-21019

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to XML injection in the Widgets module. Successful exploitation could lead to arbitrary code executi ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-21018

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to OS command injection via the scheduled operation module. Successful exploitation could lead to ar ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：27 | 回复：0
CVE漏洞

CVE-2021-21017

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthent ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：51 | 回复：0
CVE漏洞

CVE-2021-21016

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to OS command injection via the WebAPI. Successful exploitation could lead to remote code execution ...……

作者：菜鸟教程小白 | 时间：2022-2-5 09:41 | 阅读：32 | 回复：0