kernel: i40e: add validation for ring_len param

A flaw was identified in the Intel “i40e” Ethernet driver in the Linux Kernel where the ringlen parameter supplied by a VF virtual function is passed unchecked to the hardware memory context. If a malicious Virtual function provides a too-large or misaligned ringlen, it may allow the device to...

kernel: i40e: add validation for ring_len param

A flaw was identified in the Intel “i40e” Ethernet driver in the Linux Kernel where the ringlen parameter supplied by a VF virtual function is passed unchecked to the hardware memory context. If a malicious Virtual function provides a too-large or misaligned ringlen, it may allow the device to...

EUVD-2020-4175

Malware in sbrugna...

EUVD-2023-44072

Malicious code in bioql PyPI...

EUVD-2025-25486

Malicious code in bioql PyPI...

CVE-2020-11835

In /SM8250QMaster/android/vendor/oppocharger/oppo/chargeric/oppoda9313.c, failure to check the parameter buf in the function procworkmodewrite in procworkmodewrite causes a vulnerability...

OpenRefine 路径遍历漏洞

OpenRefine is a Java-based open source tool from OpenRefine Open Source. The product is mainly used for loading data, analyzing data and cleaning data, etc. A path traversal vulnerability exists in OpenRefine prior to version 3.8.3, which stems from a lack of checking of the lang parameter of the...

CVE-2023-48429

A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 2. The Web UI of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the server. The server will automaticall...

CVE-2023-3405

Unchecked parameter value in M-Files Server in versions before 23.6.12695.3 excluding 23.2 SR2 and newer allows anonymous user to cause denial of service...

Denial of service

Unchecked parameter value in M-Files Server in versions before 23.6.12695.3 excluding 23.2 SR2 and newer allows anonymous user to cause denial of service...

CVE-2023-3405 Denial of service condition in M-Files Server

Unchecked parameter value in M-Files Server in versions before 23.6.12695.3 excluding 23.2 SR2 and newer allows anonymous user to cause denial of service...

CVE-2023-3405 Denial of service condition in M-Files Server

Unchecked parameter value in M-Files Server in versions before 23.6.12695.3 excluding 23.2 SR2 and newer allows anonymous user to cause denial of service...

M-Files Server 安全漏洞

M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server version 23.6.12695.3 and earlier, which stems from unchecked parameter values that allow anonymous users to cause a denial of service...

Google TensorFlow AvgPoolOp Denial of Service Vulnerability

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A denial-of-service vulnerability exists in Google TensorFlow, which stems from the AvgPoolOp function accepting a parameter ksize , which must be positive but is not checked. An attacker could exploit...

CVE-2022-20385

a function called 'nlaparse', do not check the len of para, it will check nlatype which can be controlled by userspace with 'maxtype' in this case, it is GSCANMAX, then it access polciy array 'policytype', which OOB access happens.Product: AndroidVersions: Android SoCAndroid ID: A-238379819...

Tenda M3 缓冲区错误漏洞

Tenda M3 is an access controller from Tenda, China. Tenda M3 version V1.0.0.12 is vulnerable to a stack overflow vulnerability, which stems from the formSetAPCfg function op parameter not checking its length for input data. An attacker could exploit this vulnerability to cause a denial of service...

Undesired behavior

Lines of code Vulnerability details You push a parameter into an array of tokens without checking if it's already exists. And if at first it's added with amount 0 it can later on be pushed with a greater amount and be twice in the array. Then in all processing it will consider the first occurrenc...

Open Redirect in alanaktion/phproject

Description Open Redirect in Login page due to unchecked to parameter. Proof of Concept Send users the following link https://demo.phproject.org/login?to=//example.com After users use their registered account to login, they will be redirected to example.com Impact By modifying the URL value to a...

Open Redirect in star7th/showdoc

Description Open Redirect at login page due to unchecked "redirect" parameter. Vulnerable parameter redirect Payload /%09/google.com Proof of Concept Send users the following login link https://www.showdoc.com.cn/user/login?redirect=/%09/google.com After users use their registered account to logi...

Simple Online College Entrance Exam System 1.0 - Account Takeover

Exploit Title: Simple Online College Entrance Exam System 1.0 - Account Takeover Date: 07.10.2021 Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html Software Link:...