CVE-2024-22920

swftools 0.9.2 was discovered to contain a heap-use-after-free via the function bufferWriteData in swftools/lib/action/compile.c...

3s-smart Software Solutions CODESYS 缓冲区错误漏洞

3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. A buffer error vulnerability exists in 3s-smart Software Solutions CODESYS. An authenticated, remote attacker could exploit this vulnerability to write data to the stack...

PT-2023-3282 · Glpi +1 · Fields +1

Name of the Vulnerable Software and Affected Versions: Fields versions prior to 1.13.1 Fields versions prior to 1.20.4 Description: The issue is related to a lack of access control check in the Fields plugin for GLPI, allowing any authenticated user to write data to any fields container, includin...

SUSE CVE-2018-16647

In Artifex MuPDF 1.13.0, the pdfgetxrefentry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service segmentation fault in fzwritedata in fitz/output.c via a crafted pdf file...

SUSE CVE-2018-17572

InfluxDB 0.9.5 has Reflected XSS in the Write Data module...

SUSE CVE-2020-2934

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL...

SUSE CVE-2020-25741

fdctrlwritedata in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive...

The vulnerability of Zoom’s software for conducting video conferences on Android devices stems from incorrect path name restrictions for the restricted access catalog. This allows attackers to read and write data in the Zoom application’s catalog.

The vulnerability of Zoom video conferencing software is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability could allow an attacker to read and write data in the Zoom application’s catalog...

Bluetooth Core Specification 安全漏洞

The Bluetooth Core Specification is a specification. Defines the technical building blocks used by developers to create the interoperable devices that make up the thriving Bluetooth ecosystem. Overseen by the Bluetooth Special Interest Group SIG and regularly updated and enhanced by the Bluetooth...

kernel: possible to use the debugger to write zero into a location of choice

A flaw was found in the kernel/debug/debugcore.c in the Linux kernel in lockdown mode. This flaw allows an attacker with local access to trigger the debugger, bypass lockdown and write anonymously...

mysql: InnoDB unspecified vulnerability (CPU Jul 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of th...

InfluxDB Reflected Cross-site Scripting

InfluxDB 0.9.5 has Reflected XSS in the admin panel via the Write Data module...

CVE-2021-3700

A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in the usbredirparserserialize in usbredirparser/usbredirparser.c. This issue occurs when serializing large amounts of buffered write data in the case of a slow or blocked destination...

Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5298-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5298-1 advisory. It was discovered that the Packet network protocol implementation in the Linux kernel contained a double- free vulnerability. A local attacke...

The vulnerability of the write_data method in the Ansible configuration management system lies in the use of insecure temporary files, allowing attackers to access confidential data.

The vulnerability of the writedata method in the Ansible configuration management system is related to insecure temporary files. Exploiting this vulnerability could allow an attacker to access confidential data...

Unspecified Vulnerability in SUPERAntispyware

SUPERAntispyware is a security program from SUPERAntiSpyware. SUPERAntispyware has a security vulnerability that can be exploited by attackers to arbitrarily write data to the device via IOCTL 0x9C402140...

Adobe Photoshop Buffer Overflow Vulnerability (CNVD-2022-20504)

Adobe Photoshop is a set of image processing software from the American company Odobi Adobe. Adobe Photoshop suffers from a buffer overflow vulnerability, which stems from the presence of cross-border write data in the software. An attacker could use this vulnerability to trigger arbitrary code...

Trend Micro Apex One and OfficeScan Authentication Bypass Vulnerability

Trend Micro Apex One and OfficeScan server contain a vulnerable EXE file that could allow a remote attacker to write data to a path on affected installations and bypass root login...

CVE-2021-3700

A use-after-free vulnerability was found in usbredir in the usbredirparserserialize function in usbredirparser/usbredirparser.c . This issue occurs when serializing large amounts of buffered write data in the case of a slow or blocked destination...

Bluetooth 竞争条件问题漏洞

Bluetooth is a Bluetooth Special Interest Group SIG standards organization standard for short-range wireless technology for exchanging data between fixed and mobile devices over short distances using UHF radio waves in the ISM band from 2.402 GHz to 2.48 GHz, and for building personal area networ...