Lucene search
K

204 matches found

Prion
Prion
added 2022/02/16 11:15 p.m.19 views

Input validation

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

4.3CVSS7.2AI score0.01247EPSS
Exploits0References3Affected Software2
UbuntuCve
UbuntuCve
added 2022/02/16 11:15 p.m.32 views

CVE-2022-25271

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

7.5CVSS7AI score0.01247EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/02/16 11:15 p.m.3 views

CVE-2022-25271

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

7.5CVSS7AI score0.01247EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2022/02/16 4:43 p.m.3 views

DRUPAL-CORE-2022-003

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

7.5CVSS6.7AI score0.01247EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/02/16 12:0 a.m.4 views

Drupal 输入验证错误漏洞

Drupal is an open source content management system developed in the PHP language by the Drupal community. Drupal has a security vulnerability that stems from a flaw in the forms API of Drupal core, where certain contributed or custom module forms may be vulnerable to incorrect input validation...

7.5CVSS7.2AI score0.01247EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/02/16 12:0 a.m.3 views

PT-2022-1767 · Drupal +1 · Drupal Core +1

Name of the Vulnerable Software and Affected Versions: Drupal core affected versions not specified Description: The issue is related to insufficient input validation in the Drupal core's form API, which may allow an attacker to inject disallowed values or overwrite data. This could potentially...

7.5CVSS6.5AI score0.01247EPSS
Exploits0References26
NVD
NVD
added 2022/01/18 5:15 p.m.10 views

CVE-2021-29632

In FreeBSD 13.0-STABLE before n247428-9352de39c3dc, 12.2-STABLE before r370674, 13.0-RELEASE before p6, and 12.2-RELEASE before p12, certain conditions involving use of the highlight buffer while text is scrolling on the console, console data may overwrite data structures associated with the syst...

7.5CVSS0.00855EPSS
Exploits0References2
OSV
OSV
added 2022/01/01 9:15 p.m.10 views

CVE-2021-45972

The giftrans function in giftrans 1.12.2 contains a stack-based buffer overflow because a value inside the input file determines the amount of data to write. This allows an attacker to overwrite up to 250 bytes outside of the allocated buffer with arbitrary data...

7.1CVSS7.2AI score
Exploits0References3
CNNVD
CNNVD
added 2021/10/27 12:0 a.m.9 views

Cisco Firepower Threat Defense 输入验证错误漏洞

Cisco Firepower Threat Defense FTD is a suite of unified software from Cisco that provides next-generation firewall services. An input validation error vulnerability exists in Cisco Firepower Threat Defense Software that stems from incomplete validation of user input for specific CLI commands. An...

6.6CVSS6.4AI score0.00207EPSS
Exploits0References5
OSV
OSV
added 2021/10/20 2:18 p.m.9 views

OPENSUSE-SU-2021:3487-1 Security update for go1.16

This update for go1.16 fixes the following issues: Update to go1.16.9 - CVE-2021-38297: misc/wasm, cmd/link: do not let command line args overwrite global data bsc1191468...

9.8CVSS9.6AI score0.10299EPSS
Exploits0References4
Veracode
Veracode
added 2021/10/11 4:53 a.m.36 views

Denial Of Service (DoS)

golang is vulnerable to denial of service. The vulnerability exists due to a data overwrite when invoking functions from WASM modules, built using GOARCH=wasm GOOS=js, passing very large arguments...

9.8CVSS3AI score0.10299EPSS
Exploits0References11Affected Software6
OSV
OSV
added 2021/08/09 10:15 a.m.2 views

CVE-2021-37215

The employee management page of Flygo contains an Insecure Direct Object Reference IDOR vulnerability. After being authenticated as a general user, remote attacker can manipulate the user data and then over-write another employee’s user data by specifying that employee’s ID in the API parameter...

4.3CVSS5.8AI score0.00677EPSS
Exploits0References1
Prion
Prion
added 2021/05/25 7:15 p.m.32 views

Code injection

In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode...

4.9CVSS5.5AI score0.03093EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2021/05/25 6:27 p.m.6 views

CVE-2021-27562

In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode...

5.5AI score0.03093EPSS
Exploits0References2
Veracode
Veracode
added 2021/03/17 4:37 a.m.66 views

Directory Traversal

Linux kernel is vulnerable to directory traversal. An attacker is able to send a malicious LIO block requests to the Linux system to overwrite data on the backing store...

8.1CVSS4.4AI score0.06563EPSS
Exploits0References21Affected Software2
CNVD
CNVD
added 2021/01/25 12:0 a.m.6 views

NetApp Clustered Data ONTAP Arbitrary Data Overwrite Vulnerability

NetApp Clustered Data ONTAP is a storage operating system for use in clustered mode. A security vulnerability exists in NetApp Clustered Data ONTAP that allows remote attackers to exploit the vulnerability by submitting special requests that can overwrite system data...

6.5CVSS6.9AI score0.00889EPSS
Exploits0References1
OSV
OSV
added 2021/01/19 6:15 p.m.4 views

CVE-2020-8581

Clustered Data ONTAP versions prior to 9.3P20 and 9.5 are susceptible to a vulnerability which could allow an authenticated but unauthorized attacker to overwrite arbitrary data when VMware vStorage support is enabled...

6.5CVSS6.7AI score0.00889EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/19 12:0 a.m.4 views

Clustered Data ONTAP 安全漏洞

NetApp Clustered Data ONTAP is a storage operating system for use in clustered mode. A security vulnerability exists in NetApp Clustered Data ONTAP that allows remote attackers to exploit the vulnerability by submitting special requests that can overwrite system data...

6.5CVSS5.8AI score0.00889EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/11/09 2:25 p.m.29 views

CVE-2020-8133

A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file...

5.1AI score0.00716EPSS
Exploits1References2
OSV
OSV
added 2020/08/25 2:15 p.m.3 views

CVE-2020-14500

Secomea GateManager all versions prior to 9.2c, An attacker can send a negative value and overwrite arbitrary data...

9.8CVSS7.6AI score0.01666EPSS
Exploits0References1
Rows per page
Query Builder