
Vulnerabilities of November 2021

If you find any errors, please report them on Twitter. -> Twitter《Har-sia》

Summary of vulnerabilities that drew attention this month

CVE-2021-0146

Description from NVD

Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Information Acquisition Date:2021/12/01
CVSS 2.0: 4.6 MEDIUM CVSS 3.x: 6.8 MEDIUM

Highest Score:50 (2021/11/16)

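Vulnerability information: Har-sia CVE-2021-0146


Administrator's comment

(Machine translation) A machine translation will be inserted here when the vulnerabilities are compiled. Please wait until next month. (End of machine translation)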



CVE-2021-22205

Description from NVD

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution.

Information Acquisition Date:2021/12/01
CVSS 2.0: 6.5 MEDIUM CVSS 3.x: 9.9 CRITICAL

Highest Score:40 (2021/11/04)

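Vulnerability information: Har-sia CVE-2021-22205


Administrator's comment

(Machine translation) A machine translation will be inserted here when the vulnerabilities are compiled. Please wait until next month. (End of machine translation)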



CVE-2021-3064

Description from NVD

A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Prisma Access customers are not impacted by this issue.

Information Acquisition Date:2021/12/01
CVSS 2.0: 10.0 HIGH CVSS 3.x: 9.8 CRITICAL
This vulnerability may involve a PoC.

Highest Score:147 (2021/11/11)

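Vulnerability information: Har-sia CVE-2021-3064


Administrator's comment

(Machine translation) A machine translation will be inserted here when the vulnerabilities are compiled. Please wait until next month. (End of machine translation)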



CVE-2021-40119

Description from NVD

A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote attacker to log in to an affected system as the root user. This vulnerability is due to the re-use of static SSH keys across installations. An attacker could exploit this vulnerability by extracting a key from a system under their control. A successful exploit could allow the attacker to log in to an affected system as the root user.

Information Acquisition Date:2021/12/01
CVSS 2.0: 10.0 HIGH CVSS 3.x: 9.8 CRITICAL

Highest Score:40 (2021/11/05)

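Vulnerability information: Har-sia CVE-2021-40119


Administrator's comment

(Machine translation) A machine translation will be inserted here when the vulnerabilities are compiled. Please wait until next month. (End of machine translation)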



CVE-2021-41379

Description from NVD

Windows Installer Elevation of Privilege Vulnerability

Information Acquisition Date:2021/12/01
CVSS 2.0: 4.6 MEDIUM CVSS 3.x: 7.8 HIGH
This vulnerability may involve a PoC.

Description from Forti

Microsoft: Windows Installer Elevation of Privilege Vulnerability

Information Acquisition Date:2021/11/27



Highest Score:71 (2021/11/24)

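Vulnerability information: Har-sia CVE-2021-41379


Administrator's comment

(Machine translation) A machine translation will be inserted here when the vulnerabilities are compiled. Please wait until next month. (End of machine translation)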



CVE-2021-42292

Description from NVD

Microsoft Excel Security Feature Bypass Vulnerability

Information Acquisition Date:2021/12/01
CVSS 2.0: 6.8 MEDIUM CVSS 3.x: 7.8 HIGH

Highest Score:81 (2021/11/10)

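Vulnerability information: Har-sia CVE-2021-42292


Administrator's comment

(Machine translation) A machine translation will be inserted here when the vulnerabilities are compiled. Please wait until next month. (End of machine translation)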



CVE-2021-42321

Description from NVD

Microsoft Exchange Server Remote Code Execution Vulnerability

Information Acquisition Date:2021/12/01
CVSS 2.0: 6.5 MEDIUM CVSS 3.x: 8.8 HIGH

Description from Forti

Microsoft Exchange Server Remote Code Execution Vulnerability

Information Acquisition Date:2021/11/25



Highest Score:95 (2021/11/10)

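Vulnerability information: Har-sia CVE-2021-42321


Administrator's comment

(Machine translation) A machine translation will be inserted here when the vulnerabilities are compiled. Please wait until next month. (End of machine translation)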



CVE-2021-42574

Description from NVD

An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters. Adversaries can leverage this to encode source code for compilers accepting Unicode such that targeted vulnerabilities are introduced invisibly to human reviewers.

Information Acquisition Date:2021/12/01
CVSS 2.0: 5.1 MEDIUM CVSS 3.x: 8.3 HIGH

Highest Score:68 (2021/11/02)

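Vulnerability information: Har-sia CVE-2021-42574


Administrator's comment

(Machine translation) A machine translation will be inserted here when the vulnerabilities are compiled. Please wait until next month. (End of machine translation)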



CVE-2021-43267

Description from NVD

An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.

Information Acquisition Date:2021/12/01
CVSS 2.0: 7.5 HIGH CVSS 3.x: 9.8 CRITICAL
This vulnerability may involve a PoC.

Highest Score:47 (2021/11/05)

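Vulnerability information: Har-sia CVE-2021-43267


Administrator's comment

(Machine translation) A machine translation will be inserted here when the vulnerabilities are compiled. Please wait until next month. (End of machine translation)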



Total: 9 entries
