13 matches found
Unspecified vulnerability in YottaDB (CNVD-2022-31926)
YottaDB is a real-time database from YottaDB, Inc. YottaDB r1.32 and earlier versions have a security vulnerability that can be exploited to cause a NULL pointer dereference after a call to ZPrint...
YottaDB Buffer Overflow Vulnerability
YottaDB is a real-time database from YottaDB, Inc. A security vulnerability exists in versions of YottaDB prior to r1.32, which could be exploited by attackers to control the size variables and buffers passed to memcpy calls to overwrite critical data structures and control the execution flow...
YottaDB has an unspecified vulnerability (CNVD-2022-31935)
YottaDB is a real-time database from YottaDB, Inc. A security vulnerability exists in YottaDB versions prior to r1.32 and V7.0-000, which could be exploited by an attacker to calculate the size of a call to memset in opfnj3 in srport/opfnj3.c, resulting in a very large value that could cause a...
YottaDB has an unspecified vulnerability (CNVD-2022-31933)
YottaDB is a real-time database from YottaDB, Inc. A security vulnerability exists in YottaDB r1.32 and earlier, which stems from a missing NULL check in the call to iousopen in srunix/iousopen.c. An attacker could crash the application by dereferencing the NULL pointer. An attacker could exploit...
YottaDB has an unspecified vulnerability (CNVD-2022-31932)
YottaDB is a real-time database from YottaDB, Inc. A security vulnerability exists in YottaDB r1.32 and earlier versions, which can be exploited to gain control of the execution process by manipulating the value of the function pointer used by opwrite in srport/opwrite.c using carefully crafted...
YottaDB has an unspecified vulnerability (CNVD-2022-31930)
YottaDB is a real-time database from YottaDB, Inc. A security vulnerability exists in YottaDB r1.32 and earlier, which stems from a missing NULL check in the call to emittrip in srport/emitcode.c. An attacker could crash the application by dereferencing the NULL pointer. An attacker could crash t...
YottaDB has an unspecified vulnerability (CNVD-2022-36992)
YottaDB is a real-time database from YottaDB, Inc. A security vulnerability exists in versions of YottaDB prior to r1.32 and V7.0-000, which could be exploited by an attacker to control the size and input of memcpy calls to opfnfnumber in srport/opfnfnumber.c to corrupt memory or crash the...
CVE-2021-44491
An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can cause a calculation of the size of calls to memset in opfnj3 in srport/opfnj3.c to result in an extremely large value in order to cause a segmentation fault and crash the application. This is a digs-...
UBUNTU-CVE-2021-44493
An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call...
YottaDB缓冲区错误漏洞
YottaDB is a real-time database from YottaDB, Inc. A security vulnerability exists in versions of YottaDB prior to r1.32, which could be exploited by attackers to control the size variables and buffers passed to memcpy calls to overwrite critical data structures and control the execution flow...
YottaDB 安全漏洞
YottaDB is a real-time database from YottaDB, Inc. A security vulnerability exists in YottaDB r1.32 and earlier versions, which can be exploited to gain control of the execution process by manipulating the value of the function pointer used by opwrite in srport/opwrite.c using carefully crafted...
YottaDB 安全漏洞
YottaDB is a real-time database from YottaDB, Inc. A security vulnerability exists in YottaDB versions prior to r1.32 and V7.0-000, which could be exploited by an attacker to calculate the size of a call to memset in opfnj3 in srport/opfnj3.c, resulting in a very large value that could cause a...
YottaDB 缓冲区错误漏洞
YottaDB is a real-time database from YottaDB, Inc. A security vulnerability exists in versions of YottaDB prior to r1.32 and V7.0-000, which could be exploited by an attacker to control the size and input of memcpy calls to opfnfnumber in srport/opfnfnumber.c to corrupt memory or crash the...