31 matches found
CVE-2023-39950
efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into bgsetenv or...
UBUNTU-CVE-2023-39950
efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into bgsetenv or...
CVE-2023-39950 Insufficient input validation in efibootguard
efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into bgsetenv or...
ToUI 安全漏洞
ToUI is a Python package for creating user interfaces websites and desktop applications from HTML. A security vulnerability exists in ToUI versions 2.0.1 through 2.4.0 that stems from the use of the website.uservars attribute...
SUSE CVE-2010-3834
Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service server crash via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable...
WordPress Checkout Field Editor for WooCommerce plugin deserialization vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. The WooCommerce WordPress plugin Checkout Field Editor Checkout Manager version 1.8.0 or earlier is...
CVE-2021-35223
The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution...
Ускоритель MySQL-inj
Если данный способ уже где-то описан - прошу кинуть ссылочки. Метод был существенно доработан - читай мой пост ниже! Хочу рассказать вам о новой может я что-то пропустил? технике вывода данных при MySQL injection. Дело в том, что очень неудобно когда при наличии уязвимости в результате мы можем...
MySQL: crash with user variables, assignments, joins... (MySQL Bug #55564)
MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service mysqld server crash by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be...
coppermine -- IP spoofing and XSS vulnerability
GHC team reports about coppermine The lack of sanitizing of user defined variables may result in undesirable consequences such as IP spoofing or XSS attack. Generally users of Coppermine Gallery can post comments. Remote address & x-forwarded-for variables are logged for admin's eyes...
Переполнение буфера в sastcpd (buffer overflow)
переполнение буфера, ошибка форматной строки, использование переменных пользователя для запуска внешних приложений...