8491 matches found
Apache Airflow vulnerable to Use of Externally-Controlled Format String
In Apache Airflow 2.3.0 through 2.3.4, part of a url was unnecessarily formatted, allowing for possible information extraction...
Internet Bug Bounty: CVE-2022-40604: Apache Airflow: Format String Vulnerability
There is a format string vulnerability in Apache Airflow versions 2.3.0 through 2.3.4 in the src/airflow/utils/log/filetaskhandler.py file. The vulnerability was caused by unnecessary formatting of a URL, which could allow for information extraction...
CVE-2022-40604 Format String Vulnerability
In Apache Airflow 2.3.0 through 2.3.4, part of a url was unnecessarily formatted, allowing for possible information extraction...
CVE-2022-40604 Format String Vulnerability
In Apache Airflow 2.3.0 through 2.3.4, part of a url was unnecessarily formatted, allowing for possible information extraction...
Huawei EulerOS: Security Advisory for tcl (EulerOS-SA-2022-2305)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for tcl (EulerOS-SA-2022-2334)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libinput (EulerOS-SA-2022-2295)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : tcl (EulerOS-SA-2022-2305)
According to the versions of the tcl package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - DISPUTED In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. NOTE: multiple third parties...
EulerOS 2.0 SP9 : libinput (EulerOS-SA-2022-2295)
According to the versions of the libinput packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A format string vulnerability was found in libinput CVE-2022-1215 Note that Tenable Network Security has extracted the preceding description...
mariadb: lack of proper validation of a user-supplied string before using it as a format specifier
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...
CVE-2022-26393
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information or cause a Denial of Service DoS on the WBM...
CVE-2022-26393
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information or cause a Denial of Service DoS on the WBM...
CVE-2022-26392
The Baxter Spectrum WBM v16, v16D38 and Baxter Spectrum WBM v17, v17D19, v20D29 to v20D32 when in superuser mode is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information...
CVE-2022-26392
The Baxter Spectrum WBM v16, v16D38 and Baxter Spectrum WBM v17, v17D19, v20D29 to v20D32 when in superuser mode is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information...
Format string
The Baxter Spectrum WBM v16, v16D38 and Baxter Spectrum WBM v17, v17D19, v20D29 to v20D32 when in superuser mode is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information...
Format string
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information or cause a Denial of Service DoS on the WBM...
CVE-2022-26392
CVE-2022-26392 is a format-string vulnerability in Baxter Spectrum WBM firmware (v16, v16D38, v17, v17D19, v20D29–v20D32) that is exploitable when the device runs in superuser mode and processes application messages. The issue can let an attacker read memory on the WBM via a Telnet/hostmessage co...
CVE-2022-26393
CVE-2022-26393 is a Baxter Sigma Spectrum/WBM format-string vulnerability impacting Wi‑Fi SSID processing (v20D29 in WBM). The flaw allows attackers to trigger format string attacks to read memory and, in some contexts, cause DoS when processing SSID data over the Wi‑Fi interface. Affected produc...
CVE-2022-26393 Format String vulnerability
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information or cause a Denial of Service DoS on the WBM...
CVE-2022-26392 Format String vulnerability
The Baxter Spectrum WBM v16, v16D38 and Baxter Spectrum WBM v17, v17D19, v20D29 to v20D32 when in superuser mode is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information...