Home

2021年07月の脆弱性

誤りがあった場合はTwitterに報告をお願いします。-> Twitter《Har-sia》

今月話題になった脆弱性まとめ

CVE-2021-1675

Description from NVD

Windows Print Spooler Elevation of Privilege Vulnerability

Information Acquisition Date:2021/08/01
CVSS 2.0: 9.3 HIGH CVSS 3.x: 8.8 HIGH
This vulnerability may involve a PoC.

Description from Forti

Microsoft: Windows Print Spooler Elevation of Privilege Vulnerability

Information Acquisition Date:2021/07/07

Affected Products

Impact

Recommended Actions

References


Highest Score:408 (2021/07/01)

脆弱性情報:Har-sia CVE-2021-1675


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2021-22555

Description from NVD

A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space

Information Acquisition Date:2021/08/01
CVSS 2.0: 4.6 MEDIUM CVSS 3.x: 7.8 HIGH
This vulnerability may involve a PoC.

Highest Score:69 (2021/07/15)

脆弱性情報:Har-sia CVE-2021-22555


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2021-30807


Highest Score:120 (2021/07/27)

脆弱性情報:Har-sia CVE-2021-30807


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2021-33909

Description from NVD

fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.

Information Acquisition Date:2021/08/01
CVSS 2.0: 7.2 HIGH CVSS 3.x: 7.8 HIGH
This vulnerability may involve a PoC.

Highest Score:173 (2021/07/21)

脆弱性情報:Har-sia CVE-2021-33909


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2021-33910

Description from NVD

basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.

Information Acquisition Date:2021/08/01
CVSS 2.0: 4.9 MEDIUM CVSS 3.x: 5.5 MEDIUM

Highest Score:47 (2021/07/21)

脆弱性情報:Har-sia CVE-2021-33910


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2021-3438

Description from NVD

A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege.

Information Acquisition Date:2021/08/01
CVSS 2.0: 4.6 MEDIUM CVSS 3.x: 7.8 HIGH

Highest Score:77 (2021/07/21)

脆弱性情報:Har-sia CVE-2021-3438


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2021-34481

Description from NVD

Windows Print Spooler Elevation of Privilege Vulnerability

Information Acquisition Date:2021/08/01
CVSS 2.0: 4.6 MEDIUM CVSS 3.x: 7.8 HIGH

Highest Score:78 (2021/07/16)

脆弱性情報:Har-sia CVE-2021-34481


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2021-34527

Description from NVD

Windows Print Spooler Remote Code Execution Vulnerability

Information Acquisition Date:2021/08/01
CVSS 2.0: 9.0 HIGH CVSS 3.x: 8.8 HIGH
This vulnerability may involve a PoC.

Description from Forti

Information Acquisition Date:2020/01/22

Affected Products

Impact

Recommended Actions

References


Highest Score:287 (2021/07/07)

脆弱性情報:Har-sia CVE-2021-34527


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2021-35211

Description from NVD

Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability.

Information Acquisition Date:2021/08/01
CVSS 2.0: 10.0 HIGH CVSS 3.x: 10.0 CRITICAL

Highest Score:70 (2021/07/13)

脆弱性情報:Har-sia CVE-2021-35211


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2021-36934

Description from NVD

Windows Elevation of Privilege Vulnerability

Information Acquisition Date:2021/08/01
CVSS 2.0: 4.6 MEDIUM CVSS 3.x: 7.8 HIGH
This vulnerability may involve a PoC.

Highest Score:146 (2021/07/21)

脆弱性情報:Har-sia CVE-2021-36934


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


計10件

Tweet