PT-2021-3051 · Microsoft · Office +1
Name of the Vulnerable Software and Affected Versions: Microsoft Office (affected versions not specified). Description: The issue is related to an information disclosure vulnerability in Microsoft Office. It is caused by a lack of protection for sensitive data. Exploitation of this issue may allow a...
PT-2021-3010 · Microsoft · Windows Media Foundation +1
Name of the Vulnerable Software and Affected Versions: Windows Media Foundation Core (affected versions not specified). Description: The issue is related to incorrect code generation management in the Windows Media Foundation Core component of Microsoft Windows operating systems. This can allow a...
Trend Micro HouseCall for Home Networks Security Vulnerability
Trend Micro HouseCall for Home Networks is a suite of home network security scanning software from Trend Micro. The software supports scanning a wide range of home network devices and identifying network risks. An elevation of privilege vulnerability exists in Trend Micro HouseCall for Home...
PT-2021-2616 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows (affected versions not specified). Description: The issue is related to incorrect code generation management in the Procedure Call Runtime component of Microsoft Windows operating systems. This allows a remote attacker to execu...
PT-2021-2665 · Microsoft · Exchange Server
Name of the Vulnerable Software and Affected Versions: Microsoft Exchange Server (affected versions not specified). Description: The issue is related to incorrect code generation management in Microsoft Exchange Server. It allows a remote attacker to execute arbitrary code. Recommendations: At the...
CVE-2021-21632
A missing permission check in Jenkins OWASP Dependency-Track Plugin 3.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL, capturing credentials stored in Jenkins...
CVE-2021-21638
A cross-site request forgery (CSRF) vulnerability in Jenkins Team Foundation Server Plugin 5.157.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
Jenkins OWASP Dependency-Track Cross-Site Request Forgery Vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools developed by the US company CloudBees. The product is mainly used to monitor continuous software release and testing projects and to run scheduled tasks. A cross-site request forgery...
PT-2021-2278
Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server (affected versions not specified); Microsoft Business Productivity Servers (affected versions not specified); SharePoint Enterprise Server (affected versions not specified); SharePoint Foundation affected versions not...
PT-2021-2400 · Microsoft · Windows Dns Server +1
Name of the Vulnerable Software and Affected Versions: Windows DNS Server (affected versions not specified). Description: The issue is related to errors in processing input data in the Windows DNS Server service. It allows remote attackers to execute arbitrary code and affect the system...
PT-2021-2417 · Microsoft · Visual Studio Code
Name of the Vulnerable Software and Affected Versions: Visual Studio Code (affected versions not specified). Description: The issue is related to insufficient access control in Visual Studio Code, which can be exploited to execute arbitrary code. Recommendations: At the moment, there is no informati...
PT-2021-2215 · Microsoft · Exchange Server
Name of the Vulnerable Software and Affected Versions: Microsoft Exchange Server (affected versions not specified). Description: The issue is related to insufficient input validation in Microsoft Exchange Server, which can be exploited by a remote attacker to execute arbitrary code. This allows for...
CVE-2021-22267
Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay attack for T0320L01^ABP through T0320L01^ABZ, T0952L01^AAH through T0952L01^AAR, T0986L01 through T0986L01^AAF, T0665L01^AAP, and T0662L01^AAP L and T0320H01^ABO through T0320H01^ABY, T0952H01^AAG through...
PT-2021-2088
Name of the Vulnerable Software and Affected Versions: Windows Installer (affected versions not specified). Description: The issue is related to insufficient access restrictions in the Windows Installer component of Microsoft Windows operating systems. This can allow an attacker to elevate their...
PT-2021-2048 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: The issue is related to errors in privilege management in the Windows Event Tracing service, which can be exploited to elevate privileges. This allows an attacker to affect the system. No...
PT-2021-1604 · Microsoft · Sql Server
Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server (affected versions not specified). Description: The issue is related to insufficient input validation in Microsoft SQL Server, which can be exploited by a remote attacker to execute arbitrary code. This is an...
PT-2021-1848 · Microsoft · Sharepoint Server
Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint (affected versions not specified). Description: The issue is related to insecure privilege management in Microsoft SharePoint. It allows a remote attacker to exploit the vulnerability, potentially elevating their privileges...
PT-2021-1569 · Microsoft · Windows Multipoint Management +1
Name of the Vulnerable Software and Affected Versions: Windows Multipoint Management (affected versions not specified). Description: The issue is related to insufficient access restrictions in the Windows Multipoint Management service, which can be exploited to elevate privileges. This could allow a...
RUSTSEC-2021-0011 EventList's From<EventList> conversions can double drop on panic.
Affected versions of this crate read from a container using ptr::read in From, and then call a user specified Into function. This issue can result in a double-free if the user provided function panics...