208 matches found
DEBIAN-CVE-2021-44496
An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can control the size variable and buffer that is passed to a call to memcpy. An attacker can use this to overwrite key data structures and gain control of the flow of execution...
OPENSUSE-SU-2022:0760-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer BHB, named 'Branch Target Injection' and 'Intra-Mode Branch History Injection' are now mitigated. The following security bugs...
Attackers can Exploit Dirty Pipe Linux Vulnerability to Overwrite Data
By Deeba Ahmed The vulnerability has been fixed in Linux versions 5.16.11, 5.15.25, and 5.10.102, and patches will be released soon.… This is a post from HackRead.com Read the original post: Attackers can Exploit Dirty Pipe Linux Vulnerability to Overwrite Data...
The vulnerability of the Drupal content management system, related to insufficient validation of input data, allows a hacker to insert or overwrite arbitrary data.
The vulnerability of the Drupal content management system is related to insufficient validation of input data. Exploiting this vulnerability could allow a hacker to insert or overwrite arbitrary data...
Input validation
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...
CVE-2022-25271
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...
CVE-2022-25271
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...
DRUPAL-CORE-2022-003
Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...
PT-2022-1767 · Drupal +1 · Drupal Core +1
Name of the Vulnerable Software and Affected Versions: Drupal core affected versions not specified Description: The issue is related to insufficient input validation in the Drupal core's form API, which may allow an attacker to inject disallowed values or overwrite data. This could potentially...
Drupal 输入验证错误漏洞
Drupal is an open source content management system developed in the PHP language by the Drupal community. Drupal has a security vulnerability that stems from a flaw in the forms API of Drupal core, where certain contributed or custom module forms may be vulnerable to incorrect input validation...
CVE-2021-29632
In FreeBSD 13.0-STABLE before n247428-9352de39c3dc, 12.2-STABLE before r370674, 13.0-RELEASE before p6, and 12.2-RELEASE before p12, certain conditions involving use of the highlight buffer while text is scrolling on the console, console data may overwrite data structures associated with the syst...
CVE-2021-45972
The giftrans function in giftrans 1.12.2 contains a stack-based buffer overflow because a value inside the input file determines the amount of data to write. This allows an attacker to overwrite up to 250 bytes outside of the allocated buffer with arbitrary data...
Cisco Firepower Threat Defense 输入验证错误漏洞
Cisco Firepower Threat Defense FTD is a suite of unified software from Cisco that provides next-generation firewall services. An input validation error vulnerability exists in Cisco Firepower Threat Defense Software that stems from incomplete validation of user input for specific CLI commands. An...
OPENSUSE-SU-2021:3487-1 Security update for go1.16
This update for go1.16 fixes the following issues: Update to go1.16.9 - CVE-2021-38297: misc/wasm, cmd/link: do not let command line args overwrite global data bsc1191468...
Denial Of Service (DoS)
golang is vulnerable to denial of service. The vulnerability exists due to a data overwrite when invoking functions from WASM modules, built using GOARCH=wasm GOOS=js, passing very large arguments...
CVE-2021-37215
The employee management page of Flygo contains an Insecure Direct Object Reference IDOR vulnerability. After being authenticated as a general user, remote attacker can manipulate the user data and then over-write another employee’s user data by specifying that employee’s ID in the API parameter...
Code injection
In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode...
CVE-2021-27562
In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode...
Directory Traversal
Linux kernel is vulnerable to directory traversal. An attacker is able to send a malicious LIO block requests to the Linux system to overwrite data on the backing store...
NetApp Clustered Data ONTAP Arbitrary Data Overwrite Vulnerability
NetApp Clustered Data ONTAP is a storage operating system for use in clustered mode. A security vulnerability exists in NetApp Clustered Data ONTAP that allows remote attackers to exploit the vulnerability by submitting special requests that can overwrite system data...