
8491 matches found

Veracode
added 2020/04/10 12:34 a.m. | 28 views

Arbitrary Code Execution

Wireshark is vulnerable to arbitrary code execution due to a format string flaw. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark...

CVSS 10 | AI score 3.3 | EPSS 0.35992
Exploits 2 | References 25 | Affected Software 1

Veracode
added 2020/04/10 12:20 a.m. | 14 views

Arbitrary Code Execution

Evolution is vulnerable to arbitrary code execution. A format string flaw was found in the way Evolution displayed encrypted mail content. If a user opened a carefully crafted mail message, arbitrary code could be executed as the user running Evolution...

CVSS 6.8 | AI score 2.5 | EPSS 0.16096
Exploits 0 | References 30 | Affected Software 1

Veracode
added 2020/04/10 12:16 a.m. | 25 views

Arbitrary Code Execution

PHP is vulnerable to arbitrary code execution. If the odbc_result_all function was used to display data from a database, and the database table contents were under an attacker's control, a format string vulnerability was possible which could allow arbitrary code execution...

CVSS 7.5 | AI score 4.7 | EPSS 0.02826
Exploits 0 | References 43 | Affected Software 1

OSV
added 2020/04/08 7:15 p.m. | 3 views

CVE-2020-1992

A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon, creating a denial of service condition, or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS...

CVSS 9.8 | AI score 5.9 | EPSS 0.0205
Exploits 0 | References 1

NVD
added 2020/04/08 7:15 p.m. | 12 views

CVE-2020-1992

A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon, creating a denial of service condition, or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS...

CVSS 9.8 | AI score 9.1 | EPSS 0.0205
Exploits 0 | References 1

Prion
added 2020/04/08 7:15 p.m. | 16 views

Format string

A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon, creating a denial of service condition, or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS...

CVSS 9.3 | AI score 9.4 | EPSS 0.0205
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2020/04/08 6:41 p.m. | 14 views

CVE-2020-1992 PAN-OS on PA-7000 Series: Varrcvr daemon network-based denial of service or privilege escalation

A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon, creating a denial of service condition, or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS...

CVSS 8.1 | AI score 9.6 | EPSS 0.0205
Exploits 0 | References 1

Palo Alto Networks
added 2020/04/08 4:00 p.m. | 48 views

PAN-OS on PA-7000 Series: Varrcvr daemon network-based denial of service or privilege escalation

A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon, creating a denial of service condition, or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS...

CVSS 9.8 | AI score 4.8 | EPSS 0.0205
Exploits 0 | References 1

Tenable Nessus
added 2020/03/19 12:00 a.m. | 28 views

Palo Alto Networks PAN-OS 8.1.x < 8.1.13 Privilege Escalation (PAN-97584)

The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.13. It is, therefore, affected by a format string vulnerability in the PAN-OS log daemon (logd) on Panorama due to improper handling of user-supplied input. An authenticated, local attacker can exploit this, b...

CVSS 8.1 | AI score 7.8 | EPSS 0.00235
Exploits 0 | References 2

OSV
added 2020/03/11 7:15 p.m. | 1 views

CVE-2020-1979

A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network-based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affect...

CVSS 7.8 | AI score 6 | EPSS 0.00235
Exploits 0 | References 1

Prion
added 2020/03/11 7:15 p.m. | 18 views

Format string

A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network-based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affect...

CVSS 4.6 | AI score 7.8 | EPSS 0.00235
Exploits 0 | References 1 | Affected Software 1

CVE
added 2020/03/11 6:58 p.m. | 67 views

CVE-2020-1979

The CVE-2020-1979 entry describes a format-string vulnerability in Palo Alto Networks PAN-OS log daemon (logd) on Panorama. Affected are PAN-OS 8.1.x versions before 8.1.13; PAN-OS 7.1, 9.0, and later are not affected. An authenticated, local attacker with access to Panorama management interfaces...

CVSS 8.1 | AI score 8.1 | EPSS 0.00235
Exploits 0 | References 1 | Affected Software 1

Palo Alto Networks
added 2020/03/11 4:00 p.m. | 65 views

PAN-OS: A format string vulnerability in PAN-OS log daemon (logd) on Panorama allows local privilege escalation

A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network-based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affect...

CVSS 8.1 | AI score 3.7 | EPSS 0.00235
Exploits 0 | References 1

BDU FSTEC
added 2020/03/04 12:00 a.m. | 1 views

The vulnerability of the Cisco Discovery protocol implementation in the Cisco IOS XR operating system allows a perpetrator to execute arbitrary code or trigger a reboot of the vulnerable device.

The vulnerability of the Cisco Discovery protocol implementation in the Cisco IOS XR operating system is related to the use of uncontrolled format strings. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or trigger a restart of the vulnerable device remotely...

CVSS 8.8 | EPSS 0.00203
Exploits 0 | References 3 | Affected Software 1

OpenVAS
added 2020/03/02 12:00 a.m. | 59 views

Debian: Security Advisory (DLA-2131-1)

The remote host is missing an update for the Debian...

CVSS 7.5 | AI score 7.5 | EPSS 0.19687
Exploits 0 | References 3

Debian
added 2020/03/01 8:41 p.m. | 70 views

[SECURITY] [DLA 2131-1] rrdtool security update

Package: rrdtool; Version: 1.4.8-1.2+deb8u1; CVE ID: CVE-2014-6262. Multiple format string vulnerabilities in RRDtool, as used in Zenoss Core before 4.2.5 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted third argume...

CVSS 7.5 | AI score 7.9 | EPSS 0.19687
Exploits 0

NVD
added 2020/02/25 4:15 p.m. | 8 views

CVE-2019-5143

An exploitable format string vulnerability exists in the iwconsole coniowritestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands whil...

CVSS 8.8 | AI score 9 | EPSS 0.02913
Exploits 1 | References 1

OSV
added 2020/02/25 4:15 p.m. | 1 views

CVE-2019-5143

An exploitable format string vulnerability exists in the iwconsole coniowritestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands whil...

CVSS 8.8 | AI score 7.6 | EPSS 0.02913
Exploits 1 | References 1

Prion
added 2020/02/25 4:15 p.m. | 15 views

Format string

An exploitable format string vulnerability exists in the iwconsole coniowritestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands whil...

CVSS 6.5 | AI score 8.9 | EPSS 0.02913
Exploits 1 | References 1 | Affected Software 1

Cvelist
added 2020/02/25 3:58 p.m. | 11 views

CVE-2019-5143

An exploitable format string vulnerability exists in the iwconsole coniowritestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands whil...

CVSS 8.8 | AI score 9.1 | EPSS 0.02913
Exploits 1 | References 1