» 2021 » 9월

CVE-2021-3666

Posted on 2021년 9월 14일2021년 9월 14일 by admin

CVE-2021-3666

body-parser-xml is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (‘Prototype Pollution’)

Source: CVE-2021-3666

CVE-2021-33554

Posted on 2021년 9월 14일2021년 9월 14일 by admin

CVE-2021-33554

Multiple camera devices by UDP Technology, GeutebrÃƒÂ¼ck and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.

Source: CVE-2021-33554

CVE-2021-33553

Posted on 2021년 9월 14일2021년 9월 14일 by admin

CVE-2021-33553

Multiple camera devices by UDP Technology, GeutebrÃƒÂ¼ck and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.

Source: CVE-2021-33553

CVE-2021-33552

Posted on 2021년 9월 14일2021년 9월 14일 by admin

CVE-2021-33552

Multiple camera devices by UDP Technology, GeutebrÃƒÂ¼ck and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.

Source: CVE-2021-33552

CVE-2021-33551

Posted on 2021년 9월 14일2021년 9월 14일 by admin

CVE-2021-33551

Multiple camera devices by UDP Technology, GeutebrÃƒÂ¼ck and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.

Source: CVE-2021-33551

CVE-2021-33550

Posted on 2021년 9월 14일2021년 9월 14일 by admin

CVE-2021-33550

Multiple camera devices by UDP Technology, GeutebrÃƒÂ¼ck and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.

Source: CVE-2021-33550

CVE-2021-39212

Posted on 2021년 9월 14일2021년 9월 14일 by admin

CVE-2021-39212

ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could be read and written when specifically excluded by a `module` policy in `policy.xml`. ex. <policy domain="module" rights="none" pattern="PS" />. The issue has been resolved in ImageMagick 7.1.0-7 and in 6.9.12-22. Fortunately, in the wild, few users utilize the `module` policy and instead use the `coder` policy that is also our workaround recommendation: <policy domain="coder" rights="none" pattern="{PS,EPI,EPS,EPSF,EPSI}" />.

Source: CVE-2021-39212

CVE-2021-33547

Posted on 2021년 9월 14일2021년 9월 14일 by admin

CVE-2021-33547

Multiple camera devices by UDP Technology, GeutebrÃ¼ck and other vendors are vulnerable to a stack-based buffer overflow condition in the profile parameter which may allow an attacker to remotely execute arbitrary code.

Source: CVE-2021-33547

CVE-2021-33549

Posted on 2021년 9월 14일2021년 9월 14일 by admin

CVE-2021-33549

Multiple camera devices by UDP Technology, GeutebrÃƒÂ¼ck and other vendors are vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code.

Source: CVE-2021-33549

CVE-2021-33546

Posted on 2021년 9월 14일2021년 9월 14일 by admin

CVE-2021-33546

Multiple camera devices by UDP Technology, GeutebrÃƒÂ¼ck and other vendors are vulnerable to a stack-based buffer overflow condition in the name parameter, which may allow an attacker to remotely execute arbitrary code.

Source: CVE-2021-33546