Total
329 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-20307 | 3 Debian, Fedoraproject, Libpano13 Project | 3 Debian Linux, Fedora, Libpano13 | 2023-11-07 | 9.8 Critical |
Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and earlier can lead to read and write arbitrary memory values. | ||||
CVE-2020-36619 | 1 Multimon-ng Project | 1 Multimon-ng | 2023-11-07 | 9.8 Critical |
A vulnerability was found in multimon-ng. It has been rated as critical. This issue affects the function add_ch of the file demod_flex.c. The manipulation of the argument ch leads to format string. Upgrading to version 1.2.0 is able to address this issue. The name of the patch is e5a51c508ef952e81a6da25b43034dd1ed023c07. It is recommended to upgrade the affected component. The identifier VDB-216269 was assigned to this vulnerability. | ||||
CVE-2020-36323 | 2 Fedoraproject, Rust-lang | 2 Fedora, Rust | 2023-11-07 | 8.2 High |
In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked. | ||||
CVE-2020-16142 | 1 Mercedes-benz | 2 C220, Comand | 2023-11-07 | 3.5 Low |
On Mercedes-Benz C Class AMG Premium Plus c220 BlueTec vehicles, the Bluetooth stack mishandles %x and %c format-string specifiers in a device name in the COMAND infotainment software. | ||||
CVE-2019-18420 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2023-11-07 | 6.5 Medium |
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOP_initialise hypercall. hypercall_create_continuation() is a variadic function which uses a printf-like format string to interpret its parameters. Error handling for a bad format character was done using BUG(), which crashes Xen. One path, via the VCPUOP_initialise hypercall, has a bad format character. The BUG() can be hit if VCPUOP_initialise executes for a sufficiently long period of time for a continuation to be created. Malicious guests may cause a hypervisor crash, resulting in a Denial of Service (DoS). Xen versions 4.6 and newer are vulnerable. Xen versions 4.5 and earlier are not vulnerable. Only x86 PV guests can exploit the vulnerability. HVM and PVH guests, and guests on ARM systems, cannot exploit the vulnerability. | ||||
CVE-2019-11287 | 5 Debian, Fedoraproject, Pivotal Software and 2 more | 5 Debian Linux, Fedora, Rabbitmq and 2 more | 2023-11-07 | 7.5 High |
Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be leveraged to insert a malicious Erlang format string that will expand and consume the heap, resulting in the server crashing. | ||||
CVE-2018-6317 | 1 Claymore Dual Miner Project | 1 Claymore Dual Miner | 2023-11-07 | N/A |
The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an unauthenticated format string vulnerability, allowing remote attackers to read memory or cause a denial of service. | ||||
CVE-2017-15191 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2023-11-07 | N/A |
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length. | ||||
CVE-2013-7386 | 1 Rom Walton | 1 Boinc | 2023-11-07 | N/A |
Format string vulnerability in the PROJECT::write_account_file function in client/cs_account.cpp in BOINC, possibly 7.2.33, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the gui_urls item in an account file. | ||||
CVE-2013-2852 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2023-11-07 | N/A |
Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message. | ||||
CVE-2013-2851 | 1 Linux | 1 Linux Kernel | 2023-11-07 | N/A |
Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name. | ||||
CVE-2009-4014 | 1 Debian | 1 Lintian | 2023-11-07 | N/A |
Multiple format string vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to have an unspecified impact via vectors involving (1) check scripts and (2) the Lintian::Schedule module. | ||||
CVE-2009-3617 | 1 Tatsuhiro Tsujikawa | 1 Aria2 | 2023-11-07 | N/A |
Format string vulnerability in the AbstractCommand::onAbort function in src/AbstractCommand.cc in aria2 before 1.6.2, when logging is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a download URI. NOTE: some of these details are obtained from third party information. | ||||
CVE-2008-1658 | 1 Freedesktop | 1 Policykit | 2023-11-07 | N/A |
Format string vulnerability in the grant helper (polkit-grant-helper.c) in PolicyKit 0.7 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password. | ||||
CVE-2007-0051 | 1 Apple | 1 Iphoto | 2023-11-07 | N/A |
Format string vulnerability in Apple iPhoto 6.0.5 (316), and other versions before 6.0.6, allows remote user-assisted attackers to execute arbitrary code via a crafted photocast with format string specifiers in the title of an RSS iPhoto feed. | ||||
CVE-2006-6772 | 1 W3m | 1 W3m | 2023-11-07 | N/A |
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name (CN) field of an SSL certificate associated with an https URL. | ||||
CVE-2005-3656 | 1 Guiseppe Tanzilli And Matthias Eckermann | 1 Mod Auth Pgsql | 2023-11-07 | N/A |
Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when used for user authentication against a PostgreSQL database, allows remote unauthenticated attackers to execute arbitrary code, as demonstrated via the username. | ||||
CVE-2023-22374 | 1 F5 | 12 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 9 more | 2023-10-04 | 8.5 High |
A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
CVE-2023-41349 | 1 Asus | 2 Rt-ax88u, Rt-ax88u Firmware | 2023-09-19 | 8.8 High |
ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity information leakage, or forcing the device to reset and permanent denial of service. | ||||
CVE-2017-16516 | 2 Debian, Yajl-ruby Project | 2 Debian Linux, Yajl-ruby | 2023-08-05 | 7.5 High |
In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is supplied to Yajl::Parser.new.parse, the whole ruby process crashes with a SIGABRT in the yajl_string_decode function in yajl_encode.c. This results in the whole ruby process terminating and potentially a denial of service. |