204 matches found
Input validation
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...
CVE-2022-25271
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...
CVE-2022-25271
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...
DRUPAL-CORE-2022-003
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...
Drupal 输入验证错误漏洞
Drupal is an open source content management system developed in the PHP language by the Drupal community. Drupal has a security vulnerability that stems from a flaw in the forms API of Drupal core, where certain contributed or custom module forms may be vulnerable to incorrect input validation...
PT-2022-1767 · Drupal +1 · Drupal Core +1
Name of the Vulnerable Software and Affected Versions: Drupal core affected versions not specified Description: The issue is related to insufficient input validation in the Drupal core's form API, which may allow an attacker to inject disallowed values or overwrite data. This could potentially...
CVE-2021-29632
In FreeBSD 13.0-STABLE before n247428-9352de39c3dc, 12.2-STABLE before r370674, 13.0-RELEASE before p6, and 12.2-RELEASE before p12, certain conditions involving use of the highlight buffer while text is scrolling on the console, console data may overwrite data structures associated with the syst...
CVE-2021-45972
The giftrans function in giftrans 1.12.2 contains a stack-based buffer overflow because a value inside the input file determines the amount of data to write. This allows an attacker to overwrite up to 250 bytes outside of the allocated buffer with arbitrary data...
Cisco Firepower Threat Defense 输入验证错误漏洞
Cisco Firepower Threat Defense FTD is a suite of unified software from Cisco that provides next-generation firewall services. An input validation error vulnerability exists in Cisco Firepower Threat Defense Software that stems from incomplete validation of user input for specific CLI commands. An...
OPENSUSE-SU-2021:3487-1 Security update for go1.16
This update for go1.16 fixes the following issues: Update to go1.16.9 - CVE-2021-38297: misc/wasm, cmd/link: do not let command line args overwrite global data bsc1191468...
Denial Of Service (DoS)
golang is vulnerable to denial of service. The vulnerability exists due to a data overwrite when invoking functions from WASM modules, built using GOARCH=wasm GOOS=js, passing very large arguments...
CVE-2021-37215
The employee management page of Flygo contains an Insecure Direct Object Reference IDOR vulnerability. After being authenticated as a general user, remote attacker can manipulate the user data and then over-write another employee’s user data by specifying that employee’s ID in the API parameter...
Code injection
In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode...
CVE-2021-27562
In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode...
Directory Traversal
Linux kernel is vulnerable to directory traversal. An attacker is able to send a malicious LIO block requests to the Linux system to overwrite data on the backing store...
NetApp Clustered Data ONTAP Arbitrary Data Overwrite Vulnerability
NetApp Clustered Data ONTAP is a storage operating system for use in clustered mode. A security vulnerability exists in NetApp Clustered Data ONTAP that allows remote attackers to exploit the vulnerability by submitting special requests that can overwrite system data...
CVE-2020-8581
Clustered Data ONTAP versions prior to 9.3P20 and 9.5 are susceptible to a vulnerability which could allow an authenticated but unauthorized attacker to overwrite arbitrary data when VMware vStorage support is enabled...
Clustered Data ONTAP 安全漏洞
NetApp Clustered Data ONTAP is a storage operating system for use in clustered mode. A security vulnerability exists in NetApp Clustered Data ONTAP that allows remote attackers to exploit the vulnerability by submitting special requests that can overwrite system data...
CVE-2020-8133
A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file...
CVE-2020-14500
Secomea GateManager all versions prior to 9.2c, An attacker can send a negative value and overwrite arbitrary data...