Latest 7 days CVE Lists

Latest 7 days CVE Lists 피드 구독하기
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
업데이트: 38초 지남

CVE-2021-40455

수, 2021/10/13 - 10:15오전
Windows Installer Spoofing Vulnerability

CVE-2021-40456

수, 2021/10/13 - 10:15오전
Windows AD FS Security Feature Bypass Vulnerability

CVE-2021-40457

수, 2021/10/13 - 10:15오전
Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability

CVE-2021-40460

수, 2021/10/13 - 10:15오전
Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability

CVE-2021-20031

수, 2021/10/13 - 8:15오전
A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains.

CVE-2021-3322

수, 2021/10/13 - 7:15오전
Unexpected Pointer Aliasing in IEEE 802154 Fragment Reassembly in Zephyr. Zephyr versions >= >=2.4.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p86r-gc4r-4mq3

CVE-2021-3323

수, 2021/10/13 - 7:15오전
Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr. Zephyr versions >= >=2.4.0 contain Integer Underflow (Wrap or Wraparound) (CWE-191). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-89j6-qpxf-pfpc

CVE-2021-3330

수, 2021/10/13 - 7:15오전
RCE/DOS: Linked-list corruption leading to large out-of-bounds write while sorting for forged fragment list in Zephyr. Zephyr versions >= >=2.4.0 contain Out-of-bounds Write (CWE-787). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fj4r-373f-9456

CVE-2021-3321

수, 2021/10/13 - 7:15오전
Integer Underflow in Zephyr in IEEE 802154 Fragment Reassembly Header Removal. Zephyr versions >= >=2.4.0 contain Integer Overflow to Buffer Overflow (CWE-680). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-w44j-66g7-xw99

CVE-2020-22673

수, 2021/10/13 - 6:15오전
Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input.

CVE-2020-22674

수, 2021/10/13 - 6:15오전
An issue was discovered in gpac 0.8.0. An invalid memory dereference exists in the function FixTrackID located in isom_intern.c, which allows attackers to cause a denial of service (DoS) via a crafted input.

CVE-2020-22675

수, 2021/10/13 - 6:15오전
An issue was discovered in gpac 0.8.0. The GetGhostNum function in stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.

CVE-2020-22677

수, 2021/10/13 - 6:15오전
An issue was discovered in gpac 0.8.0. The dump_data_hex function in box_dump.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.

CVE-2020-22678

수, 2021/10/13 - 6:15오전
An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.

CVE-2020-22679

수, 2021/10/13 - 6:15오전
Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input.

CVE-2021-42325

수, 2021/10/13 - 5:15오전
Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name.

CVE-2021-42326

수, 2021/10/13 - 4:15오전
Redmine before 4.1.5 and 4.2.x before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter.

CVE-2021-29644

수, 2021/10/13 - 4:15오전
Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution vulnerability because of an Integer Overflow. An attacker with network access to port 31016 may exploit this issue to execute code with unrestricted privileges on the underlying OS.

CVE-2021-29645

수, 2021/10/13 - 4:15오전
Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 calls the SendMessageTimeoutW API with arbitrary arguments via a local pipe, leading to a local privilege escalation vulnerability. An attacker who exploits this issue could execute arbitrary code on the local system.

CVE-2021-38862

수, 2021/10/13 - 4:15오전
IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 207980.

페이지