350 matches found
CVE-2021-0646
In sqlite3_str_vappendf of sqlite3.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process's SQL with no additional execution privileges needed. User interaction is n...
RHEL 7 : glibc (RHSA-2021:2998)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2998 advisory. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name...
glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern
A stack buffer overflow flaw was found in glibc in the way the printf family of functions processed an 80-bit long double with a non-canonical bit pattern. This flaw allows an attacker who can control the arguments of these functions with the non-standard long double pattern to trigger an overflo...
Moderate: Red Hat Security Advisory: glibc security update
An update for glibc is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...
glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern
A stack buffer overflow flaw was found in glibc in the way the printf family of functions processed an 80-bit long double with a non-canonical bit pattern. This flaw allows an attacker who can control the arguments of these functions with the non-standard long double pattern to trigger an overflo...
Cross-site Scripting (XSS) - Reflected in falconchristmas/fpp
Description: GET parameter ?plugin= of plugin.php is vulnerable to reflected cross-site scripting. plugin.php sends unvalidated data to a web browser, which can result in the browser executing malicious code. In this case the data is sent at printf in plugin.php. Proof of Concept: 1. Visit...
Cross-site Scripting (XSS) - Reflected in falconchristmas/fpp
Description: GET parameter ?plugin= is vulnerable to reflected cross-site scripting. Line 17 of pluginconfig.php sends unvalidated data to a web browser, which can result in the browser executing malicious code. In this case the data is sent at printf in pluginconfig.php at line 17. Proof...
sqlite: integer overflow in sqlite3_str_vappendf function in printf.c
An integer overflow flaw was found in the SQLite implementation of the printf function. This flaw allows an attacker who can control the precision of floating-point conversions, to crash the application, resulting in a denial of service...
Denial Of Service (DoS)
mpv is vulnerable to denial of service. An attacker is able to crash the application through a buffer overflow by specifying a printf format string which is not verified...
Linux/x86 - execve(/bin/sh) Shellcode (17 bytes)
Linux/x86 - execve/bin/sh Shellcode 17 bytes Author: s1ege Tested on: i686 GNU/Linux Shellcode length: 17 / ; nasm -felf32 shellcode.asm && ld -melfi386 shellcode.o -o shellcode section .text global start start: push 0x0b pop eax push 0x0068732f push 0x6e69622f mov ebx, esp int 0x80 / include...
SUSE SLES12 Security Update : glibc (SUSE-SU-2021:1165-1)
This update for glibc fixes the following issues : CVE-2020-27618: Accept redundant shift sequences in IBM1364 bsc1178386 CVE-2020-29562: Fix incorrect UCS4 inner loop bounds bsc1179694 CVE-2020-29573: Harden printf against non-normal long double values bsc1179721 Check vector support in memmove...
SUSE-SU-2021:1165-1 Security update for glibc
This update for glibc fixes the following issues: - CVE-2020-27618: Accept redundant shift sequences in IBM1364 bsc1178386 - CVE-2020-29562: Fix incorrect UCS4 inner loop bounds bsc1179694 - CVE-2020-29573: Harden printf against non-normal long double values bsc1179721 - Check vector support in...
printf vulnerable to Regular Expression Denial of Service (ReDoS)
The package printf before 0.6.1 is vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /%?:\w.+|1-9\d$?0 +-\|\d+?.?|\d+?hlL?%bscdeEfFgGioOuxX/g in lib/printf.js. The vulnerable regular expression has cubic worst-case time complexity...
1ib (>=1.0.9 <=1.0.11), 4front-cli (>=0.0.1 <=0.0.20) +375 more potentially affected by CVE-2021-23354 via printf (>=0.0.4 <=0.6.0)
printf NPM version =0.0.4, =1.0.9, =0.0.1, =1.0.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.5, =1.3.0, =1.2.26, =1.2.31, =7.54.0 and more Source cves: CVE-2021-23354 Source advisory: OSV:GHSA-XFHP-GMH8-R8V2...
GHSA-XFHP-GMH8-R8V2 printf vulnerable to Regular Expression Denial of Service (ReDoS)
The package printf before 0.6.1 is vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /%?:\w.+|1-9\d$?0 +-\|\d+?.?|\d+?hlL?%bscdeEfFgGioOuxX/g in lib/printf.js. The vulnerable regular expression has cubic worst-case time complexity...
CVE-2021-23354
The package printf before 0.6.1 is vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /%?:\w.+|1-9\d$?0 +-\|\d+?.?|\d+?hlL?%bscdeEfFgGioOuxX/g in lib/printf.js. The vulnerable regular expression has cubic worst-case time complexity...
CVE-2021-23354
The package printf before 0.6.1 is vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /%?:\w.+|1-9\d$?0 +-\|\d+?.?|\d+?hlL?%bscdeEfFgGioOuxX/g in lib/printf.js. The vulnerable regular expression has cubic worst-case time complexity...
Design/Logic Flaw
The package printf before 0.6.1 is vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /%?:\w.+|1-9\d$?0 +-\|\d+?.?|\d+?hlL?%bscdeEfFgGioOuxX/g in lib/printf.js. The vulnerable regular expression has cubic worst-case time complexity...
CVE-2021-23354
CVE-2021-23354 affects the Node.js printf package prior to 0.6.1. A vulnerable regex in lib/printf.js can cause a Regular Expression Denial of Service (ReDoS) with cubic worst-case time complexity. Exposure is tied to the printf implementation, not a broader platform. To remediate, upgrade to 0.6...
CVE-2021-23354
The package printf before 0.6.1 is vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /%?:\w.+|1-9\d$?0 +-\|\d+?.?|\d+?hlL?%bscdeEfFgGioOuxX/g in lib/printf.js. The vulnerable regular expression has cubic worst-case time complexity...