Total
339 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-14713 | 1 Asus | 2 Rt-ac3200, Rt-ac3200 Firmware | 2024-08-05 | N/A |
| Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to read arbitrary sections of memory and CPU registers via the "hook" URL parameter. | ||||
| CVE-2018-14661 | 3 Debian, Gluster, Redhat | 7 Debian Linux, Glusterfs, Enterprise Linux and 4 more | 2024-08-05 | 6.5 Medium |
| It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service. | ||||
| CVE-2018-10389 | 1 Open Tftp Server Project | 1 Open Tftp Server | 2024-08-05 | 9.8 Critical |
| Format string vulnerability in the logMess function in TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet. | ||||
| CVE-2018-10388 | 1 Open Tftp Server Project | 1 Open Tftp Server | 2024-08-05 | 9.8 Critical |
| Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet. | ||||
| CVE-2018-8778 | 4 Canonical, Debian, Redhat and 1 more | 9 Ubuntu Linux, Debian Linux, Enterprise Linux and 6 more | 2024-08-05 | N/A |
| In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format (similar to format string vulnerabilities) can trigger a buffer under-read in the String#unpack method, resulting in a massive and controlled information disclosure. | ||||
| CVE-2018-6875 | 2 Keepkey, Shapeshift | 2 Keepkey, Keepkey Firmware | 2024-08-05 | N/A |
| Format String vulnerability in KeepKey version 4.0.0 allows attackers to trigger information display (of information that should not be accessible), related to text containing characters that the device's font lacks. | ||||
| CVE-2018-6317 | 1 Claymore Dual Miner Project | 1 Claymore Dual Miner | 2024-08-05 | N/A |
| The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an unauthenticated format string vulnerability, allowing remote attackers to read memory or cause a denial of service. | ||||
| CVE-2018-5704 | 2 Debian, Openocd | 2 Debian Linux, Open On-chip Debugger | 2024-08-05 | N/A |
| Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site. | ||||
| CVE-2018-5205 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2024-08-05 | N/A |
| When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string. | ||||
| CVE-2018-5207 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2024-08-05 | N/A |
| When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string. | ||||
| CVE-2019-18420 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2024-08-05 | 6.5 Medium |
| An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOP_initialise hypercall. hypercall_create_continuation() is a variadic function which uses a printf-like format string to interpret its parameters. Error handling for a bad format character was done using BUG(), which crashes Xen. One path, via the VCPUOP_initialise hypercall, has a bad format character. The BUG() can be hit if VCPUOP_initialise executes for a sufficiently long period of time for a continuation to be created. Malicious guests may cause a hypervisor crash, resulting in a Denial of Service (DoS). Xen versions 4.6 and newer are vulnerable. Xen versions 4.5 and earlier are not vulnerable. Only x86 PV guests can exploit the vulnerability. HVM and PVH guests, and guests on ARM systems, cannot exploit the vulnerability. | ||||
| CVE-2019-15546 | 1 Pancurses Project | 1 Pancurses | 2024-08-05 | N/A |
| An issue was discovered in the pancurses crate through 0.16.1 for Rust. printw and mvprintw have format string vulnerabilities. | ||||
| CVE-2019-15547 | 1 Ncurses Project | 1 Ncurses | 2024-08-05 | N/A |
| An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are format string issues in printw functions because C format arguments are mishandled. | ||||
| CVE-2019-14412 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| Maketext in cPanel before 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAPI (SEC-474). | ||||
| CVE-2019-14410 | 1 Cpanel | 1 Cpanel | 2024-08-05 | N/A |
| Maketext in cPanel before 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472). | ||||
| CVE-2019-13318 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2024-08-04 | 5.5 Medium |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the util.printf Javascript method. The application processes the %p parameter in the format string, allowing heap addresses to be returned to the script. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8544. | ||||
| CVE-2019-13117 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-08-04 | 5.3 Medium |
| In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character. | ||||
| CVE-2019-12297 | 1 Motorola | 4 Cx2, Cx2 Firmware, M2 and 1 more | 2024-08-04 | N/A |
| An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an Externally Controlled Format String, reachable via TCP port 8010 or UDP port 8080. | ||||
| CVE-2019-7712 | 1 Ghs | 1 Integrity Rtos | 2024-08-04 | N/A |
| An issue was discovered in handler_ipcom_shell_pwd in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. When using the pwd command, the current working directory path is used as the first argument to printf() without a proper check. An attacker may thus forge a path containing format string modifiers to get a custom format string evaluated. This results in an information leak of memory addresses. | ||||
| CVE-2019-7711 | 1 Ghs | 1 Integrity Rtos | 2024-08-04 | N/A |
| An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The undocumented shell command "prompt" sets the (user controlled) shell's prompt value, which is used as a format string input to printf, resulting in an information leak of memory addresses. | ||||