111 matches found
GSD-2022-1007307 ext4: avoid crash when inline data creation follows DIO write
ext4: avoid crash when inline data creation follows DIO write This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.150 by commit...
GSD-2022-1007122 ext4: avoid crash when inline data creation follows DIO write
ext4: avoid crash when inline data creation follows DIO write This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.75 by commit...
GSD-2022-1006883 ext4: avoid crash when inline data creation follows DIO write
ext4: avoid crash when inline data creation follows DIO write This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
Buffer overflow
Contiki-NG is an open-source, cross-platform operating system for IoT devices. In the RPL-Classic routing protocol implementation in the Contiki-NG operating system, an incoming DODAG Information Option DIO control message can contain a prefix information option with a length parameter. The value...
CVE-2022-35927 Unverified DIO prefix info lengths in RPL-Classic in Contiki-NG
Contiki-NG is an open-source, cross-platform operating system for IoT devices. In the RPL-Classic routing protocol implementation in the Contiki-NG operating system, an incoming DODAG Information Option DIO control message can contain a prefix information option with a length parameter. The value...
Duplicate Advisory: Improper Neutralization of CRLF Sequences in dio
Duplicate advisory This advisory has been withdrawn because it is a duplicate of GHSA-9324-jv53-9cc8. This link is maintained to preserve external references. Original Description The dio package prior to 5.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a...
GSD-2022-1000690 btrfs: fallback to blocking mode when doing async dio over multiple extents
btrfs: fallback to blocking mode when doing async dio over multiple extents This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.13 by commit...
CVE-2021-31402
The dio package 4.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a different vulnerability than CVE-2020-35669...
Crlf injection
The dio package 4.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a different vulnerability than CVE-2020-35669...
CVE-2021-31402
CVE-2021-31402 affects the dio package for Dart, specifically version 4.0.0, where CRLF injection is possible when an attacker controls the HTTP method string. The issue is a distinct vulnerability from CVE-2020-35669 and is documented as a CRLF sequence handling flaw in the Dio HTTP client. Patc...
wendu dio 注入漏洞
wendu dio is a wendu open source application system . Dart's powerful Http client , it supports interceptor , global configuration , FormData, request cancelation , file downloads, timeout and so on . dio package version 4.0.0 injection vulnerability , an attacker can use the vulnerability to...
PT-2021-19283 · Dio · Dio
Name of the Vulnerable Software and Affected Versions: dio package versions prior to 5.0.0 Description: The issue allows CRLF injection if the attacker controls the HTTP method string. This is a different issue than previously identified problems. Recommendations: For dio package versions prior t...
tcpdump: Buffer over-read in function rpl_dio_printopt in print-icmp6.c
An out-of-bounds read vulnerability was discovered in tcpdump while printing ICMP6 packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...
CVE-2017-18204
The ocfs2setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service deadlock via DIO requests...
Design/Logic Flaw
The ocfs2setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service deadlock via DIO requests...
CVE-2017-18204
The ocfs2setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service deadlock via DIO requests...
CVE-2017-18204
The ocfs2setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service deadlock via DIO requests...
CVE-2017-18204
The ocfs2setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service deadlock via DIO requests...
Oracle: Security Advisory (ELSA-2008-0612)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2008-0885)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...