64 matches found
Heating Network Wireless Monitoring System SQL注入漏洞
Star Measurement and Control Heating Network Wireless Monitoring System is a heating management system from Star Measurement and Control. A SQL injection vulnerability exists in Heating Network Wireless Monitoring System version 5.6.2, which stems from an operation of the GetDataKindByType functi...
PT-2024-38688 · Anhui Deshun Intelligent Technology · Jielink+ Jsotc2016
Name of the Vulnerable Software and Affected Versions: Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805 Description: A vulnerability has been found in the software, classified as problematic, and affects an unknown functionality of the file...
iparking SQL Injection Vulnerability
iparking is fhsopensource open source a parking fee management system . iparking 1.5.22.RELEASE version of the SQL injection vulnerability , the vulnerability stems from the function getData SQL injection vulnerability...
PT-2024-1381
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.10 Description The issue is related to the smb2 get data area len function in the fs/smb/server/smb2misc.c file of the KSMBD file system in the Linux kernel. It is associated with an out-of-bounds access in t...
python-werkzeug: high resource usage when parsing multipart form data with many fields
A flaw was found in python-werkzeug. Werkzeug is multipart form data parser, that will parse an unlimited number of parts, including file parts. These parts can be a small amount of bytes, but each requires CPU time to parse, and may use more memory as Python data. If a request can be made to an...
The vulnerability in the get_data function of the binutils/nm.c component of the GNU Binutils development environment allows a attacker to cause a service failure.
The vulnerability of the getdata function in the binutils/nm.c component of the GNU Binutils development environment is related to improper memory release before deleting the last reference. Exploiting this vulnerability allows an attacker to cause a service failure...
PT-2023-35568 · Git +1 · Lcms
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash was reported due to an unknown read issue. The crash involves the function cmsIT8GetDataRowColDbl and is related to the file cms cgats fuzzer.c. ...
DEBIAN-CVE-2020-19724
A memory consumption issue in getdata function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of service via crafted command...
GNU Binutils 安全漏洞
GNU Binutils is a set of open source tools for working with binary files such as target files, executables, libraries, etc., mainly used in the areas of compilation, debugging, reverse engineering and so on. A denial of service vulnerability exists in GNU Binutils, which stems from a memory...
SUSE CVE-2006-2200
Stack-based buffer overflow in libmms, as used by a MiMMS 0.0.9 and b xine-lib 1.1.0 and earlier, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via the 1 sendcommand, 2 stringutf16, 3 getdata, and 4 getmediapacket functions, and possibl...
SUSE CVE-2017-18257
The getdatablock function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service integer overflow and loop via crafted use of the open and fallocate system calls with an FSIOCFIEMAP ioctl...
BMC Community Track-It! 授权问题漏洞
BMC Community Track-It! is an It helpdesk software from BMC Community USA. It is used for help desks and helpdesks with asset management. An authorization issue vulnerability exists in BMC Community Track-It! that originates in the GetData endpoint. The issue is caused due to a lack of...
CVE-2021-40493
Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API...
Dell Hybrid Client 信息泄露漏洞
DELL Dell Hybrid Client is a software application from Dell USA Inc. It provides a client computing software with hybrid cloud management capabilities. An information disclosure vulnerability exists in Dell Hybrid Client versions prior to 1.5, which can be exploited by attackers to obtain sensiti...
PT-2020-6940 · Gnu +2 · Gnu Nm +2
Name of the Vulnerable Software and Affected Versions: GNU nm versions prior to 2.34 Description: The issue is related to a memory consumption problem in the get data function in binutils/nm.c. This allows attackers to cause a denial of service via crafted commands. The vulnerability is associate...
Linux kernel denial of service vulnerability (CNVD-2018-10154)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'getdatablock' function in the fs/f2fs/data.c file in Linux kernel versions prior to 4.11. A local attacker could exploit this...
Design/Logic Flaw
Artica Pandora FMS version 7.0 leaks a full installation pathname via GET data when intercepting the main page's graph requisition. This also implies that general OS information is leaked e.g., a /var/www pathname typically means Linux or UNIX...
CVE-2017-15937
Artica Pandora FMS version 7.0 leaks a full installation pathname via GET data when intercepting the main page's graph requisition. This also implies that general OS information is leaked e.g., a /var/www pathname typically means Linux or UNIX...
Sierra Wireless GX440 weak password storage vulnerability (CNVD-2017-10185)
The Sierra Wireless GX440 is a gateway device from Sierra Wireless Canada. The Sierra Wireless GX440 suffers from a weak password storage vulnerability that can be exploited by a remote attacker to submit a special request and obtain sensitive information...
vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection Vulnerability
Exploit for php platform in category web applications Title: vBulletin Verify Email Before Registration Plugin - SQL Injection Date: September 19 2014 Version: Any vBulletin 4.. version which has the plugin installed. Plugin: http://www.vbulletin.org/forum/showthread.php?t=294164 Author: Dave FW/...