SUSE CVE-2007-6762

In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabelcipsov4.c where it is possible to overflow the doidef-tags array...

SUSE CVE-2016-2338

An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array...

kernel: dm integrity: fix memory corruption when tag_size is less than digest size

In the Linux kernel, the following vulnerability has been resolved: dm integrity: fix memory corruption when tagsize is less than digest size It is possible to set up dm-integrity in such a way that the "tagsize" parameter is less than the actual digest size. In this situation, a part of the dige...

Heap Buffer Overflow

Psych is vulnerable to heap buffer overflow. The vulnerability is due to the startdocument function in psychemitter.c buffer head allocation based on the tags array length. This flaw allows an attacker to pass a specially constructed element of tags array object that can increase this array size...

Exploitable heap overflow vulnerability exists in Ruby's Psych::Emitter start_document function

An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array...

CVE-2016-2338

An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array...

EUVD-2016-3422

An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array...

CVE-2018-6883

Piwigo before 2.9.3 has SQL injection in admin/tags.php in the administration panel, via the tags array parameter in an admin.php?page=tags request. The attacker must be an administrator...

Sql injection

Piwigo before 2.9.3 has SQL injection in admin/tags.php in the administration panel, via the tags array parameter in an admin.php?page=tags request. The attacker must be an administrator...

CVE-2017-11736

SQL injection vulnerability in core\admin\auto-modules\forms\process.php in BigTree 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via the tags array parameter...

CVE-2017-11736

SQL injection vulnerability in core\admin\auto-modules\forms\process.php in BigTree 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via the tags array parameter...