Lucene search
K

208 matches found

OSV
OSV
added 2022/04/15 6:15 p.m.2 views

DEBIAN-CVE-2021-44496

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can control the size variable and buffer that is passed to a call to memcpy. An attacker can use this to overwrite key data structures and gain control of the flow of execution...

9.8CVSS8.8AI score0.01961EPSS
Exploits0References1
OSV
OSV
added 2022/03/08 6:6 p.m.10 views

OPENSUSE-SU-2022:0760-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer BHB, named 'Branch Target Injection' and 'Intra-Mode Branch History Injection' are now mitigated. The following security bugs...

7.8CVSS7.7AI score0.88106EPSS
Exploits113References63
HackRead
HackRead
added 2022/03/08 3:47 p.m.15 views

Attackers can Exploit Dirty Pipe Linux Vulnerability to Overwrite Data

By Deeba Ahmed The vulnerability has been fixed in Linux versions 5.16.11, 5.15.25, and 5.10.102, and patches will be released soon.… This is a post from HackRead.com Read the original post: Attackers can Exploit Dirty Pipe Linux Vulnerability to Overwrite Data...

4.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.7 views

The vulnerability of the Drupal content management system, related to insufficient validation of input data, allows a hacker to insert or overwrite arbitrary data.

The vulnerability of the Drupal content management system is related to insufficient validation of input data. Exploiting this vulnerability could allow a hacker to insert or overwrite arbitrary data...

7.4CVSS7.3AI score0.01247EPSS
Exploits0References5Affected Software2
Prion
Prion
added 2022/02/16 11:15 p.m.19 views

Input validation

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

4.3CVSS7.2AI score0.01247EPSS
Exploits0References3Affected Software2
ATTACKERKB
ATTACKERKB
added 2022/02/16 11:15 p.m.3 views

CVE-2022-25271

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

7.5CVSS7AI score0.01247EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2022/02/16 11:15 p.m.37 views

CVE-2022-25271

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

7.5CVSS7AI score0.01247EPSS
Exploits0References2
OSV
OSV
added 2022/02/16 4:43 p.m.4 views

DRUPAL-CORE-2022-003

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter...

7.5CVSS6.7AI score0.01247EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/02/16 12:0 a.m.3 views

PT-2022-1767 · Drupal +1 · Drupal Core +1

Name of the Vulnerable Software and Affected Versions: Drupal core affected versions not specified Description: The issue is related to insufficient input validation in the Drupal core's form API, which may allow an attacker to inject disallowed values or overwrite data. This could potentially...

7.5CVSS6.5AI score0.01247EPSS
Exploits0References26
CNNVD
CNNVD
added 2022/02/16 12:0 a.m.5 views

Drupal 输入验证错误漏洞

Drupal is an open source content management system developed in the PHP language by the Drupal community. Drupal has a security vulnerability that stems from a flaw in the forms API of Drupal core, where certain contributed or custom module forms may be vulnerable to incorrect input validation...

7.5CVSS7.2AI score0.01247EPSS
Exploits0References7
NVD
NVD
added 2022/01/18 5:15 p.m.11 views

CVE-2021-29632

In FreeBSD 13.0-STABLE before n247428-9352de39c3dc, 12.2-STABLE before r370674, 13.0-RELEASE before p6, and 12.2-RELEASE before p12, certain conditions involving use of the highlight buffer while text is scrolling on the console, console data may overwrite data structures associated with the syst...

7.5CVSS0.00855EPSS
Exploits0References2
OSV
OSV
added 2022/01/01 9:15 p.m.11 views

CVE-2021-45972

The giftrans function in giftrans 1.12.2 contains a stack-based buffer overflow because a value inside the input file determines the amount of data to write. This allows an attacker to overwrite up to 250 bytes outside of the allocated buffer with arbitrary data...

7.1CVSS7.2AI score
Exploits0References3
CNNVD
CNNVD
added 2021/10/27 12:0 a.m.9 views

Cisco Firepower Threat Defense 输入验证错误漏洞

Cisco Firepower Threat Defense FTD is a suite of unified software from Cisco that provides next-generation firewall services. An input validation error vulnerability exists in Cisco Firepower Threat Defense Software that stems from incomplete validation of user input for specific CLI commands. An...

6.6CVSS6.4AI score0.00207EPSS
Exploits0References5
OSV
OSV
added 2021/10/20 2:18 p.m.9 views

OPENSUSE-SU-2021:3487-1 Security update for go1.16

This update for go1.16 fixes the following issues: Update to go1.16.9 - CVE-2021-38297: misc/wasm, cmd/link: do not let command line args overwrite global data bsc1191468...

9.8CVSS9.6AI score0.10299EPSS
Exploits0References4
Veracode
Veracode
added 2021/10/11 4:53 a.m.36 views

Denial Of Service (DoS)

golang is vulnerable to denial of service. The vulnerability exists due to a data overwrite when invoking functions from WASM modules, built using GOARCH=wasm GOOS=js, passing very large arguments...

9.8CVSS3AI score0.10299EPSS
Exploits0References11Affected Software6
OSV
OSV
added 2021/08/09 10:15 a.m.3 views

CVE-2021-37215

The employee management page of Flygo contains an Insecure Direct Object Reference IDOR vulnerability. After being authenticated as a general user, remote attacker can manipulate the user data and then over-write another employee’s user data by specifying that employee’s ID in the API parameter...

4.3CVSS5.8AI score0.00677EPSS
Exploits0References1
Prion
Prion
added 2021/05/25 7:15 p.m.32 views

Code injection

In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode...

4.9CVSS5.5AI score0.03093EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2021/05/25 6:27 p.m.6 views

CVE-2021-27562

In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode...

5.5AI score0.03093EPSS
Exploits0References2
Veracode
Veracode
added 2021/03/17 4:37 a.m.66 views

Directory Traversal

Linux kernel is vulnerable to directory traversal. An attacker is able to send a malicious LIO block requests to the Linux system to overwrite data on the backing store...

8.1CVSS4.4AI score0.06563EPSS
Exploits0References21Affected Software2
CNVD
CNVD
added 2021/01/25 12:0 a.m.6 views

NetApp Clustered Data ONTAP Arbitrary Data Overwrite Vulnerability

NetApp Clustered Data ONTAP is a storage operating system for use in clustered mode. A security vulnerability exists in NetApp Clustered Data ONTAP that allows remote attackers to exploit the vulnerability by submitting special requests that can overwrite system data...

6.5CVSS6.9AI score0.00889EPSS
Exploits0References1
Rows per page
Query Builder