3974 matches found
Design/Logic Flaw
When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. This flaw may surprise the...
CVE-2022-32221
When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. This flaw may surprise the...
CVE-2022-32221
CVE-2022-32221 concerns curl/libcurl where the read callback (CURLOPT_READFUNCTION) may be used for POST data even after a PUT if the same handle was used for a PUT with that callback. This can cause sending the wrong data or memory errors on a subsequent POST. Connected advisories note this affe...
CVE-2022-3383
The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.5.0 via the getoptionvaluefromcallback function that accepts user supplied input and passes it through calluserfunc. This makes it possible for authenticated attackers, with...
CVE-2022-43590
A null pointer dereference vulnerability exists in the handleioctl0x830a0systembuffer functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...
CVE-2022-43589
A null pointer dereference vulnerability exists in the handleioctl8314C functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...
CVE-2022-43589
A null pointer dereference vulnerability exists in the handleioctl8314C functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...
CVE-2022-43588
A null pointer dereference vulnerability exists in the handleioctl83150 functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...
CVE-2022-43588
A null pointer dereference vulnerability exists in the handleioctl83150 functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...
Null pointer dereference
A null pointer dereference vulnerability exists in the handleioctl0x830a0systembuffer functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...
Null pointer dereference
A null pointer dereference vulnerability exists in the handleioctl83150 functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...
Null pointer dereference
A null pointer dereference vulnerability exists in the handleioctl8314C functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...
CVE-2022-43590
A null pointer dereference vulnerability exists in the handleioctl0x830a0systembuffer functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...
CVE-2022-43590
A null pointer dereference vulnerability exists in the handleioctl0x830a0systembuffer functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...
CVE-2022-43589
CVE-2022-43589 concerns Callback Technologies CBFS Filter 20.0.8317. Talos details a null pointer dereference in the handle_ioctl_8314C IOCTL path; an IRP with IOCTL 0x8314C can trigger a denial of service. The root cause is a null dereference in the IO stack handling when CurrentStackLocation an...
CVE-2022-43589
A null pointer dereference vulnerability exists in the handleioctl8314C functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...
CVE-2022-43588
CVE-2022-43588 is a null pointer dereference in Callback Technologies CBFS Filter 20.0.8317, specifically in handle_ioctl_83150. A specially crafted IRP can trigger a local denial of service by exploiting a missing null check on FileObject before dereferencing FileObject->FsContext2, leading t...
CVE-2022-43588
A null pointer dereference vulnerability exists in the handleioctl83150 functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...
CVE-2022-43588
A null pointer dereference vulnerability exists in the handleioctl83150 functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...
PT-2022-26979 · Callback Technologies · Cbfs Filter
Name of the Vulnerable Software and Affected Versions: Callback technologies CBFS Filter version 20.0.8317 Description: A null pointer dereference issue exists in the handle ioctl 8314C functionality. This can be triggered by a specially crafted I/O request packet IRP, leading to denial of servic...