Information disclosure

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: 221973...

CVE-2022-22390

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: 221973...

CVE-2022-22390

CVE-2022-22390 affects IBM Db2 for Linux, UNIX and Windows (versions 9.7, 10.1, 10.5, 11.1, 11.5). The issue is an information disclosure caused by improper privilege management when a table function is used, allowing an authenticated user to access restricted data. The IBM security bulletins ind...

CVE-2022-22390

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: 221973...

Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Node.js (CVE-2021-44532, CVE-2021-44533, CVE-2022-21824)

Summary Security Vulnerabilities affect IBM Cloud Private - Node.js Vulnerability Details CVEID:CVE-2021-44532 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by a string injection vulnerability when name constraints were used within a certificate chain...

stb_truetype.h 缓冲区错误漏洞

stbtruetype.h is a TTF font parsing library. A buffer error vulnerability exists in stbtruetype.h v1.26, which stems from the function stbttfindtable in stbtruetype.h containing a heap buffer overflow...

UBUNTU-CVE-2020-24824

A global buffer overflow issue in the dwarf::linetable::linetable function of Libelfin v0.3 allows attackers to cause a denial of service DOS...

Libelfin 安全漏洞

Libelfin is a C 11 library for reading ELF binaries and DWARFv4 debug information. A buffer overflow vulnerability exists in the dwarf::linetable::linetable function of Libelfin 0.3. An attacker could exploit this vulnerability to cause a denial of service...

Libelfin 注入漏洞

Libelfin is a C 11 library for reading ELF binaries and DWARFv4 debug information. linetable::linetable function of Libelfin 0.3 is vulnerable to a denial of service. An attacker could exploit this vulnerability to cause a denial of service via a specially crafted ELF file causing a segmentation...

ClickHouse HTTP header injection vulnerability

ClickHouse is a columnar open source database management system that allows real-time generation of reports on analyzed data. A security vulnerability exists in ClickHouse versions prior to 19.13.5.44. The vulnerability can be exploited to conduct HTTP header injection attacks via the url table...

Fixed in ClickHouse Release 19.13.6.1, 2019-09-20​

Table function url had the vulnerability allowed the attacker to inject arbitrary HTTP headers in the request...

CVE-2019-18657

Table function url had the vulnerability allowed the attacker to inject arbitrary HTTP headers in the request. Nikita Tikhomirov...

UBUNTU-CVE-2018-14668

In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "defaultdatabase" fields which led to Cross Protocol Request Forgery Attacks...

edk2: Privilege escalation via heap-based buffer overflow in MakeTable() function

REJECTED CVE A heap-based buffer overflow vulnerability exists in EDK II within the MakeTable function of BaseUefiDecompressLib.c, TianoCompress.c, and the UEFI specification. An authenticated attacker could exploit this flaw by supplying a crafted file, potentially leading to privilege escalatio...

PT-2018-3934 · Libreoffice +4 · Libwpd +4

Name of the Vulnerable Software and Affected Versions: libwpd version 0.10.2 Description: The issue is related to a NULL pointer dereference in the WP6ContentListener::defineTable function, which can lead to a denial of service attack. This is associated with errors in pointer handling. The...

CVE-2018-14668

"remote" table function allowed arbitrary symbols in "user", "password" and "defaultdatabase" fields which led to Cross Protocol Request Forgery Attacks. Andrey Krasichkov of Yandex Information Security Team...

Libav Denial of Service Vulnerability (CNVD-2017-26313)

Libav formerly FFmpeg is Libav team's set of cross-platform audio and video can be recorded, converted to a solution, which includes a libavcodec encoder. A security vulnerability exists in the 'buildtable' function of the libavcodec/bitstream.c file in Libav version 12.1. A remote attacker can...

UBUNTU-CVE-2017-11684

There is an illegal address access in the buildtable function in libavcodec/bitstream.c of Libav 12.1 that will lead to remote denial of service via crafted input...

DEBIAN-CVE-2017-11684

There is an illegal address access in the buildtable function in libavcodec/bitstream.c of Libav 12.1 that will lead to remote denial of service via crafted input...

UBUNTU-CVE-2016-2795

The graphite2::FileFace::gettablefn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other...