The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 (OCFS2) subsystem in the Linux kernel does not properly handle holes that cross page boundaries, which allows local users to obtain potentially sensitive information from uninitialized disk locations by reading a file.
Source link
[Bug 1866254] CVE-2011-0463 kernel: ocfs2_prepare_page_for_write function does not properly handle holes that cross page boundaries leads to information exposure
RELATED STORIES
Microsoft rolled into 2021 with a fairly benign update cycle for Windows and Microsoft Office...
Details It was discovered that an SQL injection vulnerability exists in the Ampachesearch engine. Any...
Microsoft SQL Server是美国微软(Microsoft)公司的一套应用在Microsoft Windows系统下的大型商业数据库系统。 Microsoft SQL 权限提升漏洞,目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。以下产品及版本受到影响:Microsoft SQL Server 2019 for x64-based Systems (GDR),Microsoft SQL...
SAP hat zum Januar-Patchday gleich zwei kritische Sicherheitslücken aus seiner Business-Intelligence-Software Business Warehouse (BW) beseitigt;...
# Exploit Title: Cemetry Mapping and Information System 1.0 - Multiple SQL Injections
# Exploit...
# Exploit Title: Prestashop 1.7.7.0 - 'id_product' Time Based Blind SQL Injection
# Date: 08-01-2021
...
The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a...
# Cockpit CMS 0.6.1 – Remote Code Execution
# Product: Cockpit CMS (https://getcockpit.com)
# Version:...
# Exploit Title: Life Insurance Management System 1.0 - Multiple Stored XSS
# Date: 4/1/2021
...
WordPress是WordPress(Wordpress)基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 Newsletter plugin before 6.8.2 for WordPress 存在安全漏洞,该漏洞源于不安全反序列化允许身份验证的远程攻击者可利用该漏洞拥有最小的特权(如订阅者)使用tpnc render AJAX动作通过options[inline editits]参数注入任意PHP对象。 来源:MISC 链接:https://www.wordfence. Source link...
You must be logged in to post a comment.