8436 matches found
CVE-2019-12297
An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an Externally Controlled Format String, reachable via TCP port 8010 or UDP port 8080...
binary-exploitation-labs
Binary Exploitation Labs This repository is my long-term pu...
PT-2026-2164
Name of the Vulnerable Software and Affected Versions Panda3D versions up to and including 1.10.16 Description Panda3D’s egg-mkfont utility contains an uncontrolled format string issue. The -gp command-line option is directly used as the format string for the sprintf function with a single...
Exploit for Off-by-one Error in Sudo_Project Sudo
ExploitForge - AI-Powered Automatic Exploit Generation !Pyt...
CVE-2025-53591
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
CVE-2025-53591
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
CVE-2025-53591
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
CVE-2025-53591 QTS, QuTS hero
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
CVE-2025-53591 QTS, QuTS hero
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
CVE-2025-53591
CVE-2025-53591 affects QNAP QTS and QuTS hero due to a use of externally-controlled format string vulnerability. The issue could allow a remote attacker with an administrator account to obtain secret data or modify memory. Fixes are available in QTS 5.2.7.3256 build 20250913 and later, QuTS hero ...
PT-2026-1082
Name of the Vulnerable Software and Affected Versions QNAP versions prior to QTS 5.2.7.3256 build 20250913 QNAP versions prior to QuTS hero h5.2.7.3256 build 20250913 QNAP versions prior to QuTS hero h5.3.1.3250 build 20250912 Description A use of externally-controlled format string vulnerability...
EUVD-2023-60269
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Add a length limitation for the ivrsacpihid command-line parameter The 'acpiid' buffer in the parseivrsacpihid function may overflow, because the string specifier in the format string sscanf has no width limitation...
EUVD-2023-60228
SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute...
CVE-2023-53966
SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute...
CVE-2023-53966
SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute...
CVE-2023-53966 SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow
SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute...
CVE-2023-53966
CVE-2023-53966 affects SOUND4 LinkAndShare Transmitter 1.1.2. It describes a format string vulnerability in getenv() usage where the attacker can manipulate the username environment variable to trigger memory stack overflows, potentially enabling arbitrary code execution and causing a crash. This...
CVE-2023-53966 SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow
SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute...
PT-2025-52703
Name of the Vulnerable Software and Affected Versions SOUND4 LinkAndShare Transmitter version 1.1.2 Description SOUND4 LinkAndShare Transmitter version 1.1.2 contains a format string vulnerability. This allows attackers to trigger memory stack overflows through maliciously crafted environment...
SUSE SLES16 Security Update : ImageMagick (SUSE-SU-2025:21211-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:21211-1 advisory. - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. -...