ALPINE-CVE-2016-9586

curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks...

ICSA-18-107-03_Rockwell Automation Stratix Services Router

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit. Vendor : Rockwell Automation Equipment : Allen-Bradley Stratix 5900 Services Router Vulnerabilities : Improper Input Validation, Improper Restriction of Operations within the Bounds of a Memory Buffer,...

Format string

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format similar to format string vulnerabilities can trigger a buffer under-read in the Stringunpack method, resulting in a massive and controlled informatio...

UBUNTU-CVE-2018-8778

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format similar to format string vulnerabilities can trigger a buffer under-read in the Stringunpack method, resulting in a massive and controlled informatio...

Format string

Format String vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code with elevated privileges o...

CVE-2018-0175

CVE-2018-0175 is a vulnerability in the LLDP subsystem of Cisco IOS Software, IOS XE Software, and IOS XR Software. The issue stems from a Format String vulnerability in LLDP that could allow an unauthenticated, adjacent attacker to cause a denial of service or to execute arbitrary code with elev...

CVE-2018-0175

Format String vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code with elevated privileges o...

CVE-2018-0175

Format String vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code with elevated privileges o...

Information Disclosure Through C Format String

grpc is vulnerable to information disclosure through a C Format String vulnerability. The vulnerability exists as the %s string format is not specified, potentially allowing other data to be read, and in some cases causes the application to crash...

PT-2018-3804 · Cisco · Cisco Ios Xe +2

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software affected versions not specified Cisco IOS XE Software affected versions not specified Cisco IOS XR Software affected versions not specified Description: A Format String vulnerability in the Link Layer Discovery Protocol LLD...

ruby: Buffer underrun vulnerability in Kernel.sprintf

A buffer underflow was found in ruby's sprintf function. An attacker, with ability to control its format string parameter, could send a specially crafted string that would disclose heap memory or crash the interpreter...

ruby: Buffer underrun vulnerability in Kernel.sprintf

A buffer underflow was found in ruby's sprintf function. An attacker, with ability to control its format string parameter, could send a specially crafted string that would disclose heap memory or crash the interpreter...

CVE-2018-6875

Format String vulnerability in KeepKey version 4.0.0 allows attackers to trigger information display of information that should not be accessible, related to text containing characters that the device's font lacks...

CVE-2018-6875

Format String vulnerability in KeepKey version 4.0.0 allows attackers to trigger information display of information that should not be accessible, related to text containing characters that the device's font lacks...

Format string

Format String vulnerability in KeepKey version 4.0.0 allows attackers to trigger information display of information that should not be accessible, related to text containing characters that the device's font lacks...

CVE-2018-6875

CVE-2018-6875 affects KeepKey v4.0.0: a Format String vulnerability could cause the device to display information it should not access, triggered by text containing characters the device font cannot render. The issue is described across multiple sources (e.g., NVD entry and CNVD/CVE mirrors) as a...

CVE-2018-6875

Format String vulnerability in KeepKey version 4.0.0 allows attackers to trigger information display of information that should not be accessible, related to text containing characters that the device's font lacks...

Solaris 10 (x86) : 122082-01

SunOS 5.10x86: perl format string patch. Date this patch was last updated by Sun : Feb/23/06 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Format string

Huawei VP9660 V500R002C10 has a uncontrolled format string vulnerability when the license module output the log information. An authenticated local attacker could exploit this vulnerability to cause a denial of service...

CVE-2017-17132

Huawei VP9660 V500R002C10 has a uncontrolled format string vulnerability when the license module output the log information. An authenticated local attacker could exploit this vulnerability to cause a denial of service...