8488 matches found

CNNVD
added 2023/09/07 12:0 a.m. · 3 views

ASUS RT-AX56U Formatting String Error Vulnerability

The ASUS RT-AX56U is a wireless router from Asus China. The ASUS RT-AX56U suffers from a format string error vulnerability that stems from a lack of validation of specific values in its setiperf3svr.cgi module, resulting in a format string vulnerability...

CVSS 7.2 · AI score 6.8 · EPSS 0.04596
Exploits 0 · References 2

Tenable Nessus
added 2023/09/07 12:0 a.m. · 13 views

Oracle Linux 7 : udisks2 (ELSA-2019-2178)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2178 advisory. - CVE-2018-17336: Fix format string vulnerability in udiskslog 1637427 Tenable has extracted the preceding description block directly from the Oracle Linux...

CVSS 7.8 · AI score 7.1 · EPSS 0.00344
Exploits 1 · References 2

CNNVD
added 2023/09/07 12:0 a.m. · 2 views

ASUS RT-AX56U Formatting String Error Vulnerability

The ASUS RT-AX56U is a wireless router from Asus China. A format string error vulnerability exists in ASUS RT-AX56U version V2. The vulnerability stems from a lack of validation of a specific value in the apply.cgi module. A format string vulnerability exists, which can be exploited by an...

CVSS 7.2 · AI score 7.6 · EPSS 0.01128
Exploits 0 · References 2

Tenable Nessus
added 2023/09/07 12:0 a.m. · 39 views

Oracle Linux 5 : mysql (ELSA-2009-1289)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-1289 advisory. - Add fix for CVE-2009-2446 format string vulnerability in COMCREATEDB and COMDROPDB processing Resolves: 512200 - Back-port upstream fix for...

CVSS 8.5 · AI score 7 · EPSS 0.07267
Exploits 6 · References 5

Prion
added 2023/09/06 6:15 p.m. · 14 views

Format string

AccessControl provides a general security framework for use in Zope. Python's "format" functionality allows someone controlling the format string to "read" objects accessible recursively via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use...

CVSS 4 · AI score 7.5 · EPSS 0.00323
Exploits 0 · References 2 · Affected Software 2

CNNVD
added 2023/09/06 12:0 a.m. · 4 views

Zope AccessControl Information Disclosure Vulnerability

Zope AccessControl is a generic security framework used in Zope from the Zope Foundation. An information disclosure vulnerability exists in Zope AccessControl that stems from allowing a person controlling a format string to read accessible recursive objects via attribute access and subscription o...

CVSS 7.7 · AI score 6.1 · EPSS 0.00323
Exploits 0 · References 3

BDU FSTEC
added 2023/09/05 12:0 a.m. · 0 views

The vulnerability of the Validity_check() function in the microprogramming software for TOTOLINK N200RE V5 allows a perpetrator to execute arbitrary commands.

The vulnerability of the Validity_check function in the TOTOLINK N200RE V5 router software lies in the use of uncontrolled format strings when processing the % symbol. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVSS 9 · EPSS 0.00225
Exploits 1 · References 3 · Affected Software 1

Positive Technologies
added 2023/09/05 12:0 a.m. · 3 views

PT-2023-4771 · Asus · Asus Rt-Ax56U V2

Name of the Vulnerable Software and Affected Versions: ASUS RT-AX56U V2 Description: A format string vulnerability is identified in the set iperf3 svr.cgi module of ASUS RT-AX56U V2, caused by lacking validation for a specific value within this module. This vulnerability can be exploited by a...

CVSS 10 · AI score 9.3 · EPSS 0.04596
Exploits 0 · References 22

OSV
added 2023/09/04 1:15 a.m. · 1 views

CVE-2023-4746

A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But the...

CVSS 8.8 · AI score 5.4 · EPSS 0.00225
Exploits 1 · References 3

NVD
added 2023/09/04 1:15 a.m. · 11 views

CVE-2023-4746

A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But the...

CVSS 9 · AI score 9.2 · EPSS 0.00225
Exploits 1 · References 3

Prion
added 2023/09/04 1:15 a.m. · 20 views

Format string

A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But the...

CVSS 9 · AI score 9.1 · EPSS 0.00225
Exploits 1 · References 3 · Affected Software 1

CVE
added 2023/09/04 12:0 a.m. · 53 views

CVE-2023-4746

CVE-2023-4746 affects TOTOLINK N200RE V5 firmware 9.3.5u.6437_B20230519. The root cause is a format string vulnerability in the function Validity_check that allows bypassing validation and leads to OS command injection. Impact is remote, with high severity (attack vector: network, no user interac...

CVSS 9 · AI score 9.2 · EPSS 0.00225
Exploits 1 · References 3 · Affected Software 1

Cvelist
added 2023/09/04 12:0 a.m. · 14 views

CVE-2023-4746 TOTOLINK N200RE V5 Validity_check format string

A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But the...

CVSS 9 · AI score 9.3 · EPSS 0.00225
Exploits 1 · References 3

Positive Technologies
added 2023/09/03 12:0 a.m. · 3 views

PT-2023-4734 · Totolink · Totolink N200Re V5

Name of the Vulnerable Software and Affected Versions: TOTOLINK N200RE V5 version 9.3.5u.6437 B20230519 Description: The issue is related to the Validity check function in the TOTOLINK N200RE V5 router's firmware. It involves the use of uncontrolled format strings when processing the % symbol,...

CVSS 9 · AI score 8.1 · EPSS 0.00225
Exploits 1 · References 9

OSV
added 2023/08/30 6:15 p.m. · 0 views

UBUNTU-CVE-2023-41039

RestrictedPython is a restricted execution environment for Python to run untrusted code. Python's "format" functionality allows someone controlling the format string to "read" all objects accessible through recursive attribute lookup and subscription from objects he can access. This can lead to...

CVSS 8.3 · AI score 5.9 · EPSS 0.00219
Exploits 0 · References 5

Prion
added 2023/08/30 6:15 p.m. · 11 views

Format string

RestrictedPython is a restricted execution environment for Python to run untrusted code. Python's "format" functionality allows someone controlling the format string to "read" all objects accessible through recursive attribute lookup and subscription from objects he can access. This can lead to...

CVSS 4 · AI score 7.4 · EPSS 0.00219
Exploits 0 · References 2 · Affected Software 1

GithubExploit
added 2023/07/25 1:36 a.m. · 721 views

Exploit for Use of Externally-Controlled Format String in Asus Rt-Ac86U_Firmware

CVE-2023-35086-POC July 25 2023, Altin tin-z, github.com/t...

CVSS 7.2 · AI score 9.5 · EPSS 0.75886
Exploits 1

NVD
added 2023/07/21 8:15 a.m. · 9 views

CVE-2023-35087

A format string vulnerability has been identified in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by a lack of validation for a specific value when calling cmprocessChangedConfigMsg in ccmprocessREQCHANGEDCONFIG function in AiMesh system. An unauthenticated remote attacker can exploit thi...

CVSS 9.8 · AI score 9.7 · EPSS 0.01656
Exploits 0 · References 1

OSV
added 2023/07/21 8:15 a.m. · 1 views

CVE-2023-35087

A format string vulnerability has been identified in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by a lack of validation for a specific value when calling cmprocessChangedConfigMsg in ccmprocessREQCHANGEDCONFIG function in AiMesh system. An unauthenticated remote attacker can exploit thi...

CVSS 9.8 · AI score 6 · EPSS 0.01656
Exploits 0 · References 1

OSV
added 2023/07/21 7:15 a.m. · 0 views

CVE-2023-35086

A format string vulnerability has been identified in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a format string when calling syslog in logmessagenormal function, in the dodetwancgi module of httpd. A remote attacker with administrator privilege can exploit...

CVSS 7.2 · AI score 6 · EPSS 0.75886
Exploits 1 · References 1