Total
329 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-14713 | 1 Asus | 2 Rt-ac3200, Rt-ac3200 Firmware | 2024-02-28 | 5.5 MEDIUM | 8.1 HIGH |
Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to read arbitrary sections of memory and CPU registers via the "hook" URL parameter. | |||||
CVE-2019-6840 | 1 Schneider-electric | 8 Meg6260-0410, Meg6260-0410 Firmware, Meg6260-0415 and 5 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an attacker to send a crafted message to the target server, thereby causing arbitrary commands to be executed. | |||||
CVE-2019-14412 | 1 Cpanel | 1 Cpanel | 2024-02-28 | 2.1 LOW | 3.3 LOW |
Maketext in cPanel before 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAPI (SEC-474). | |||||
CVE-2017-7519 | 2 Ceph, Debian | 2 Ceph, Debian Linux | 2024-02-28 | 2.1 LOW | 4.4 MEDIUM |
In Ceph, a format string flaw was found in the way libradosstriper parses input from the user. A user could crash an application or service using the libradosstriper library. | |||||
CVE-2018-15749 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability. | |||||
CVE-2018-14799 | 1 Philips | 10 Pagewriter Tc10, Pagewriter Tc10 Firmware, Pagewriter Tc20 and 7 more | 2024-02-28 | 4.6 MEDIUM | 3.7 LOW |
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, the PageWriter device does not sanitize data entered by the user. This can lead to buffer overflow or format string vulnerabilities. | |||||
CVE-2018-16554 | 1 Jhead Project | 1 Jhead | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling. | |||||
CVE-2018-17336 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Udisks | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n substrings. | |||||
CVE-2018-1352 | 1 Fortinet | 1 Fortios | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A format string vulnerability in Fortinet FortiOS 5.6.0 allows an attacker to execute unauthorized code or commands via the SSH username variable. | |||||
CVE-2017-17132 | 1 Huawei | 2 Vp9660, Vp9660 Firmware | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Huawei VP9660 V500R002C10 has an uncontrolled format string vulnerability when the license module outputs the log information. An authenticated local attacker could exploit this vulnerability to cause a denial of service. | |||||
CVE-2017-16602 | 1 Netgain-systems | 1 Enterprise Manager | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.tools.exec_jsp servlet, which listens on TCP port 8081 by default. When parsing the command parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of Administrator. Was ZDI-CAN-5193. | |||||
CVE-2015-9238 | 1 Secure-compare Project | 1 Secure-compare | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
secure-compare 3.0.0 and below do not actually compare two strings properly. compare was actually comparing the first argument with itself, meaning the check passed for any two strings of the same length. | |||||
CVE-2018-1000052 | 1 Fmt | 1 Fmt | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
fmtlib versions prior to 4.1.0 (before commit 0555cea5fc0bf890afe0071a558e44625a34ba85) contain a memory corruption (SIGSEGV), CWE-134 vulnerability in the fmt::print() library function that can result in denial of service. This attack appears to be exploitable by specifying an invalid format specifier in the fmt::print() function, which results in a SIGSEGV (memory corruption, invalid write). This vulnerability appears to have been fixed after commit 8cf30aa2be256eba07bb1cefb998c52326e846e7. | |||||
CVE-2018-6508 | 1 Puppet | 1 Puppet Enterprise | 2024-02-28 | 6.0 MEDIUM | 8.0 HIGH |
Puppet Enterprise 2017.3.x versions prior to 2017.3.3 are vulnerable to a remote execution bug when a specially crafted string is passed into the facter_task or puppet_conf tasks. This vulnerability only affects tasks in the affected modules; if you are not using Puppet tasks, you are not affected by this vulnerability. | |||||
CVE-2017-16608 | 1 Netgain-systems | 1 Enterprise Manager | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within exec.jsp. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current user. Was ZDI-CAN-4749. | |||||
CVE-2018-12590 | 1 Ui | 2 Edgeswitch, Edgeswitch Firmware | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format-string vulnerability due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an admin account could escape the restricted CLI and execute arbitrary code. | |||||
CVE-2018-8778 | 4 Canonical, Debian, Redhat and 1 more | 4 Ubuntu Linux, Debian Linux, Enterprise Linux and 1 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format (similar to format string vulnerabilities) can trigger a buffer under-read in the String#unpack method, resulting in a massive and controlled information disclosure. | |||||
CVE-2018-1566 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to execute arbitrary code due to a format string error. IBM X-Force ID: 143023. | |||||
CVE-2017-17407 | 1 Netgain-systems | 1 Enterprise Manager | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager v7.2.699 build 1001. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the content parameter provided to the script_test.jsp endpoint. A crafted content request parameter can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code under the context of the web service. Was ZDI-CAN-5080. | |||||
CVE-2018-6875 | 2 Keepkey, Shapeshift | 2 Keepkey, Keepkey Firmware | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Format String vulnerability in KeepKey version 4.0.0 allows attackers to trigger information display (of information that should not be accessible), related to text containing characters that the device's font lacks. |