» 2021 » 10월

CVE-2021-36808

Posted on 2021년 10월 30일2021년 10월 30일 by admin

CVE-2021-36808

A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115.

Source: CVE-2021-36808

CVE-2021-1123

Posted on 2021년 10월 30일2021년 10월 30일 by admin

CVE-2021-1123

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can deadlock, which may lead to denial of service.

Source: CVE-2021-1123

CVE-2021-1122

Posted on 2021년 10월 30일2021년 10월 30일 by admin

CVE-2021-1122

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service.

Source: CVE-2021-1122

CVE-2020-25881

Posted on 2021년 10월 30일2021년 10월 30일 by admin

CVE-2020-25881

A vulnerability was discovered in the filename parameter in pathindex.php?r=cms-backend/attachment/delete&sub=&filename=../../../../111.txt&filetype=image/jpeg of the master version of RKCMS. This vulnerability allows for an attacker to perform a directory traversal via a crafted .txt file.

Source: CVE-2020-25881

CVE-2021-1118

Posted on 2021년 10월 30일2021년 10월 30일 by admin

CVE-2021-1118

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to execute privileged operations by the guest OS, which may lead to information disclosure, data tampering, escalation of privileges, and denial of service

Source: CVE-2021-1118

CVE-2021-1119

Posted on 2021년 10월 30일2021년 10월 30일 by admin

CVE-2021-1119

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can double-free a pointer, which may lead to denial of service. This flaw may result in a write-what-where condition, allowing an attacker to execute arbitrary code impacting integrity and availability.

Source: CVE-2021-1119

CVE-2021-1120

Posted on 2021년 10월 30일2021년 10월 30일 by admin

CVE-2021-1120

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a string provided by the guest OS may not be properly null terminated. The guest OS or attacker has no ability to push content to the plugin through this vulnerability, which may lead to information disclosure, data tampering, unauthorized code execution, and denial of service.

Source: CVE-2021-1120

CVE-2021-1121

Posted on 2021년 10월 30일2021년 10월 30일 by admin

CVE-2021-1121

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel driver, where a vGPU can cause resource starvation among other vGPUs hosted on the same GPU, which may lead to denial of service.

Source: CVE-2021-1121

CVE-2020-25873

Posted on 2021년 10월 30일2021년 10월 30일 by admin

CVE-2020-25873

A directory traversal vulnerability in the component system/manager/class/web/database.php was discovered in Baijiacms V4 which allows attackers to arbitrarily delete folders on the server via the "id" parameter.

Source: CVE-2020-25873

CVE-2020-25872

Posted on 2021년 10월 30일2021년 10월 30일 by admin

CVE-2020-25872

A vulnerability exists within the FileManagerController.php function in FrogCMS 0.9.5 which allows an attacker to perform a directory traversal attack via a GET request urlencode parameter.

Source: CVE-2020-25872