NETGEAR R6700 httpd strtblupgrade Format String Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of string table file uploads. The issue results from the la...

The vulnerability of the logd daemon in the PAN-OS operating system allows a perpetrator to execute arbitrary code and increase their privileges.

The vulnerability of logd daemon in the PAN-OS operating system is related to the use of an uncontrolled format string. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely and gain elevated privileges...

FreeBSD : Anydesk -- Multiple Vulnerabilities (4344861a-be0b-11ea-9172-4c72b94353b5)

Anydesk reports : AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-20...

AnyDesk GUI Format String Write Exploit

The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By sending a specially crafted discovery packet, an attacker can corrupt the frontend process when it loads or refreshes. While the discovery service is always running, the GUI frontend must be started to trigger...

AnyDesk GUI Format String Write

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AnyDesk GUI Format String Write', 'Description' = %q The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By...

AnyDesk GUI Format String Write

The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By sending a specially crafted discovery packet, an attacker can corrupt the frontend process when it loads or refreshes. While the discovery service is always running, the GUI frontend must be started to trigger...

AnyDesk Formatting String Error Vulnerability

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A format string error vulnerability exists in AnyDesk versions prior to 5.5.3 Linux and FreeBSD platforms. A remote attacker could exploit this vulnerability to execute code...

Anydesk -- Multiple Vulnerabilities

Anydesk reports: AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution...

CVE-2020-13160

AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution...

CVE-2020-13160

AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution...

Format string

AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution...

CVE-2020-13160

CVE-2020-13160 – AnyDesk GUI (Linux/FreeBSD) Affected: AnyDesk GUI on Linux and FreeBSD prior to version 5.5.3.Root cause: A format string vulnerability in the GUI/discovery path that can be triggered remotely.Impact: Remote code execution (RCE) with the privileges of the user running the AnyDesk...

CVE-2020-13160

AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution...

CVE-2020-13160

AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution. Recent assessments: zeroSteiner at June 17, 2020 7:54pm UTC reported: The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By sending a...

Security update for axel (moderate)

openSUSE Security Update: Security update for axel Announcement ID: openSUSE-SU-2020:0778-1 Rating: moderate References: 1172159 Cross-References: CVE-2020-13614 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for axel fixes...

Huawei Data Communication: Two Vulnerabilities of License Module in Some Huawei Products (huawei-sa-20171206-01-license)

There is a uncontrolled format string vulnerability when the license module of some Huawei products output the log information. This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced...

Remote Code Execution (RCE)

ncurses is vulnerable to denial of service. Due to a flaw, there is a format string vulnerability in the fmtentry function. A crafted input will lead to a remote arbitrary code execution attack...

[ASA-202005-4] a2ps: multiple issues

Arch Linux Security Advisory ASA-202005-4 ========================================= Severity: High Date : 2020-05-06 CVE-ID : CVE-2014-0466 CVE-2015-8107 Package : a2ps Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-1150 Summary ======= The package a2ps before versio...

Arbitrary Code Execution

glibc is vulnerable to arbitrary code execution. An integer overflow flaw was found in the implementation of the printf functions family. This could allow an attacker to bypass FORTIFYSOURCE protections and execute arbitrary code using a format string flaw in an application, even though these...

Denial Of Service (DoS)

scsi-target-utils is vulnerable to denial of service. A format string flaw was found in scsi-target-utils' tgtd daemon. A remote attacker could trigger this flaw by sending a carefully-crafted Internet Storage Name Service iSNS request, causing the tgtd daemon to crash...