CVE-2023-29950

swfrender v0.9.2 was discovered to contain a heap buffer overflow in the function enumerateUsedIDsfillstyle at modules/swftools.c...

CVE-2023-29950

swfrender v0.9.2 was discovered to contain a heap buffer overflow in the function enumerateUsedIDsfillstyle at modules/swftools.c...

Improper input validation in Drupal core

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

GHSA-G36H-4JR6-QMM9 Improper input validation in Drupal core

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

CVE-2022-25278

Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...

CVE-2022-25278

Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...

UBUNTU-CVE-2022-25278

Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...

Input validation

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

CVE-2022-25273

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

UBUNTU-CVE-2022-25273

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

CVE-2022-25278

Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...

CVE-2022-25273

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

PT-2023-12781 · Drupal · Drupal

Name of the Vulnerable Software and Affected Versions: Drupal core versions prior to the fixed version Description: The form API in Drupal core has a vulnerability that affects certain contributed or custom modules' forms, making them susceptible to improper input validation. This could allow an...

CVE-2022-25278

Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to. No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules...

CVE-2023-28089

An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules...

CVE-2023-28089

An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules...

Code injection

An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules...

CVE-2023-28089

An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules...

CVE-2023-28089

An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules...

CVE-2023-28089

CVE-2023-28089 affects HPE OneView appliances. Affected component: the OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules. Root cause details are not provided in the supplied documents. Impact stated: exposure of FTP credentials; CVSS metrics indicate high confidenti...