211 matches found
CVE-2021-1100
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel mode driver nvidia.ko, in which a pointer to a user-space buffer is not validated before it is dereferenced, which may lead to denial of service. This affects vGPU version 12.x prior to 12.3, version 11.x prior to 11....
CVE-2021-1097
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin, where it improperly validates the length field in a request from a guest. This flaw allows a malicious guest to send a length field that is inconsistent with the actual length of the input, which may lead to...
Design/Logic Flaw
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin, where it can lead to floating point exceptions, which may lead to denial of service. This affects vGPU version 12.x prior to 12.3, version 11.x prior to 11.5 and version 8.x prior 8.8...
CVE-2021-1099
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin that could allow an attacker to cause stack-based buffer overflow and put a customized ROP gadget on the stack. Such an attack may lead to information disclosure, data tampering, or denial of service. This affect...
PT-2021-3865 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions 9.0.0 through 9.5.28 TYPO3 versions 10.0.0 through 10.4.17 TYPO3 versions 11.0.0 through 11.3.0 Description: The issue is related to the components QueryGenerator and QueryView in the TYPO3 content management system, which are...
Google Android Framework elevation of privilege vulnerability (CNVD-2021-52348)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the Framework component of Google Android version 11. No details of the vulnerability are provided at this time...
Google Android System Information Disclosure Vulnerability (CNVD-2021-52332)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An information disclosure vulnerability exists in the System component of Google Android versions 8.1, 9, 10, and 11. No details of the vulnerability are provided a...
PostgreSQL 9.6.x < 9.6.22, 10.x < 10.17, 11.x < 11.12, 12.x < 12.7, 13.x < 13.3 Multiple Vulnerabilities - Linux
PostgreSQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:postgresql:postgresql";...
SeaCMS Cross-Site Scripting Vulnerability (CNVD-2021-43533)
SeaCMS Ocean CMS is a professional open source free PHP film and television system. A cross-site scripting vulnerability exists in the login page in SeaCMS version 11. An attacker can exploit this vulnerability to inject arbitrary web script or HTML...
Cross site scripting
A cross-site scripting XSS vulnerability has been discovered in the login page of SeaCMS version 11 which allows an attacker to inject arbitrary web script or HTML...
PostgreSQL 9.6.x < 9.6.22 / 10.x < 10.17 / 11.x < 11.12 / 12.x < 12.7 / 13.x < 13.3 Multiple Vulnerabilities
The version of PostgreSQL installed on the remote host is 9.6 prior to 9.6.22, 10 prior to 10.17, 11 prior to 11.12, 12 prior to 12.7, or 13 prior to 13.3. As such, it is potentially affected by multiple vulnerabilities : - Buffer overrun from integer overflow in array subscripting calculations...
Google Android Media Framework elevation of privilege vulnerability (CNVD-2021-43420)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the Media Framework component of Google Android version 11, which can be exploited by an attacker to cause a local...
Google Android 安全漏洞
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An information disclosure vulnerability exists in the System component of Google Android versions 8.1, 9, 10, and 11. No details of the vulnerability are provided a...
CVE-2021-1087
NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager vGPU plugin, which could allow an attacker to retrieve information that could lead to a Address Space Layout Randomization ASLR bypass. This affects vGPU version 12.x prior to 12.2, version 11.x prior to 11.4 and version 8.x...
CVE-2021-1080
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin, in which certain input data is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x prior to 12.2, version 11.x prior to 11.4 and versi...
Design/Logic Flaw
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin, in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. vGPU version 12.x prior to 12.2, version 11.x prior to 11.4 and version 8.x prior to ...
CVE-2021-1083
NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager vGPU plugin, in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x prior to 12.2 and version...
PostgreSQL 11.x < 11.11 / 12.x < 12.6 / 13.x < 13.2 Multiple Vulnerabilities
The version of PostgreSQL installed on the remote host is 11 prior to 11.11, 12 prior to 12.6, or 13 prior to 13.2. As such, it is potentially affected by multiple vulnerabilities : - An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user...
Exploit for Server-Side Request Forgery in F5 Big-Ip_Access_Policy_Manager
F5 BIG-IP 远程命令执行漏洞(CVE-2021-22986) 漏洞影响 F5 BIG-IP 16.x: 1...
CVE-2021-21080
Adobe Connect version 11.0.7 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. An attacker could exploit this vulnerability to inject malicious JavaScript content that may be executed within the context of the victim's browser when they browse to the page containing t...