Latest vulnerabilities
Vulnerability ID Description Vendor Time
CVE-2020-11906
The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow.

MITRE Corporation 2020-06-18 17:10:57
CVE-2020-11907
The Treck TCP/IP stack before 6.0.1.66 improperly handles a Length Parameter Inconsistency in TCP.

MITRE Corporation 2020-06-18 17:10:57
CVE-2020-11908
The Treck TCP/IP stack before 4.7.1.27 mishandles '\0' termination in DHCP.

MITRE Corporation 2020-06-18 17:10:57
CVE-2020-11909
The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow.

MITRE Corporation 2020-06-18 17:10:57
CVE-2020-11910
The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Read.

MITRE Corporation 2020-06-18 17:10:57
CVE-2020-11911
The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control.

MITRE Corporation 2020-06-18 17:10:57
CVE-2020-11912
The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read.

MITRE Corporation 2020-06-18 17:10:57
CVE-2020-11913
The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.

MITRE Corporation 2020-06-18 17:10:57
CVE-2020-11914
The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read.

MITRE Corporation 2020-06-18 17:10:56
CVE-2020-12827
MJML prior to 4.6.3 contains a path traversal vulnerability when processing the mj-include directive within an MJML document.

MITRE Corporation 2020-06-18 17:10:56
CVE-2020-13224
TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow.

MITRE Corporation 2020-06-18 17:10:56
CVE-2020-13637
An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and possibly other platforms. It stores the client_key, the device_id, and the public key for end-to-end encryption in cleartext, enabling an attacker (by copying or having access to the local storage database file) to log in to the system from any other computer, and get unlimited access to all data in the user's context.

MITRE Corporation 2020-06-18 17:10:56
CVE-2020-14040
Go version v0.3.3 of the x/text package fixes a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.

MITRE Corporation 2020-06-18 17:10:56
CVE-2020-14157
The wireless-communication feature of the ABUS Secvest FUBE50001 device does not encrypt sensitive data such as PIN codes or IDs of used proximity chip keys (RFID tokens). This makes it easier for an attacker to disarm the wireless alarm system.

MITRE Corporation 2020-06-18 17:10:56
CVE-2020-14295
A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries.

MITRE Corporation 2020-06-18 17:10:56
CVE-2020-14396
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.

MITRE Corporation 2020-06-18 17:10:56
CVE-2020-14397
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.

MITRE Corporation 2020-06-18 17:10:56
CVE-2020-14398
An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c.

MITRE Corporation 2020-06-18 17:10:55
CVE-2020-14399
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c.

MITRE Corporation 2020-06-18 17:10:55
CVE-2020-14400
An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c.

MITRE Corporation 2020-06-18 17:10:55
CVE-2020-14401
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.

MITRE Corporation 2020-06-18 17:10:55
CVE-2020-14402
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.

MITRE Corporation 2020-06-18 17:10:55
CVE-2020-14403
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.

MITRE Corporation 2020-06-18 17:10:55
CVE-2020-14404
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.

MITRE Corporation 2020-06-18 17:10:55
CVE-2020-14405
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.

MITRE Corporation 2020-06-18 17:10:55
CVE-2020-14408
An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in the /auth/login route allows for injection of arbitrary JavaScript code into a web page's content, creating a Reflected XSS attack vector.

MITRE Corporation 2020-06-18 17:10:55
CVE-2020-3236
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to gain root shell access to the underlying operating system and overwrite or read arbitrary files. The attacker would need valid administrative credentials. This vulnerability is due to improper input validation of CLI command arguments. An attacker could exploit this vulnerability by using path traversal techniques when executing a vulnerable command. A successful exploit could allow the attacker to gain root shell access to the underlying operating system and overwrite or read arbitrary files on an affected device.

Cisco Systems, Inc. 2020-06-18 17:10:54
CVE-2020-3241
A vulnerability in the orchestration tasks of Cisco UCS Director could allow an authenticated, remote attacker to perform a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input on the web-based management interface. An attacker could exploit this vulnerability by creating a task with specific configuration parameters. A successful exploit could allow the attacker to overwrite arbitrary files in the file system of an affected device.

Cisco Systems, Inc. 2020-06-18 17:10:54
CVE-2020-3242
A vulnerability in the REST API of Cisco UCS Director could allow an authenticated, remote attacker with administrative privileges to obtain confidential information from an affected device. The vulnerability exists because confidential information is returned as part of an API response. An attacker could exploit this vulnerability by sending a crafted request to the API. A successful exploit could allow the attacker to obtain the API key of another user, which would allow the attacker to impersonate the account of that user on the affected device. To exploit this vulnerability, the attacker must have administrative privileges on the device.

Cisco Systems, Inc. 2020-06-18 17:10:54
CVE-2020-3244
A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of user traffic going through an affected device. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to bypass the traffic classification rules and potentially avoid being charged for traffic consumption.

Cisco Systems, Inc. 2020-06-18 17:10:54