8501 matches found
CVE-2017-17132
Huawei VP9660 V500R002C10 has a uncontrolled format string vulnerability when the license module output the log information. An authenticated local attacker could exploit this vulnerability to cause a denial of service...
CVE-2017-17132
Huawei VP9660 V500R002C10 has a uncontrolled format string vulnerability when the license module output the log information. An authenticated local attacker could exploit this vulnerability to cause a denial of service...
CVE-2017-17132
CVE-2017-17132: Affected Huawei VP9660 (V500R002C10) license module exhibits an uncontrolled format string in log output. This enables a local, authenticated attacker to trigger a denial of service. The vulnerability stems from improper handling of log formatting inside the license module. Public...
ruby: Buffer underrun vulnerability in Kernel.sprintf
A buffer underflow was found in ruby's sprintf function. An attacker, with ability to control its format string parameter, could send a specially crafted string that would disclose heap memory or crash the interpreter...
H2O HTTP Server < 2.0.4 DoS Vulnerability
H2O allows remote attackers to cause a denial of service DoS via format string specifiers in a template file via fastcgi, mruby, proxy, redirect or reproxy. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
DEBIAN-CVE-2018-7186
Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and...
Claymore Dual GPU Miner Format String dos attack
Claymore’s Dual GPU Miner 10.5 and below is vulnerable to a format strings vulnerability. This allows an unauthenticated attacker to read memory addresses, or immediately terminate the mining process causing a denial of service. !/usr/bin/env python3 -- coding: utf-8 - import socket import json...
Claymore Dual GPU Miner 10.5 - Format String
Claymore’s Dual GPU Miner 10.5 and below is vulnerable to a format strings vulnerability. This allows an unauthenticated attacker to read memory addresses, or immediately terminate the mining process causing a denial of service. After reading about the recent vulnerabilities with previous version...
Claymore Dual GPU Miner 10.5 - Format String
Claymore Dual GPU Miner 10.5 - Format String Claymore’s Dual GPU Miner 10.5 and below is vulnerable to a format strings vulnerability. This allows an unauthenticated attacker to read memory addresses, or immediately terminate the mining process causing a denial of service. After reading about the...
Ubiquiti Inc.: Format String Vulnerability in the EdgeSwitch restricted CLI
In EdgeSwitch 1.7.3 and prior, an user with admin credentials can make use of specially crafted commands to execute arbitrary shell instructions, bypassing the SSH/TELNET CLI interface. There was a format string vulnerability present in the Admin CLI for the EdgeSwitch. Exploiting this...
Format string
The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an unauthenticated format string vulnerability, allowing remote attackers to read memory or cause a denial of service...
CVE-2018-6317
The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an unauthenticated format string vulnerability, allowing remote attackers to read memory or cause a denial of service...
CVE-2018-6317
The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an unauthenticated format string vulnerability, allowing remote attackers to read memory or cause a denial of service...
CVE-2018-6317
CVE-2018-6317 affects Claymore’s Dual Miner remote management interface. Versions 10.5 and earlier are vulnerable to an unauthenticated format-string vulnerability that can read memory or cause a denial of service. A fixed version is 10.6 (per 1337DAY entry). Public references show exploit/media ...
CVE-2018-6317
The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an unauthenticated format string vulnerability, allowing remote attackers to read memory or cause a denial of service...
MGASA-2018-0001 Updated ncurses packages fix security vulnerabilities
Possible RCE via stack-based buffer overflow in the fmtentry function CVE-2017-10684. Possible RCE with format string vulnerability in the fmtentry function CVE-2017-10685. Illegal address access in appendacs CVE-2017-11112. Dereferencing NULL pointer in ncparseentry CVE-2017-11113...
Updated ncurses packages fix security vulnerabilities
Possible RCE via stack-based buffer overflow in the fmtentry function CVE-2017-10684. Possible RCE with format string vulnerability in the fmtentry function CVE-2017-10685. Illegal address access in appendacs CVE-2017-11112. Dereferencing NULL pointer in ncparseentry CVE-2017-11113...
Updated ncurses packages fix security vulnerabilities
Possible RCE via stack-based buffer overflow in the fmtentry function CVE-2017-10684. Possible RCE with format string vulnerability in the fmtentry function CVE-2017-10685. Illegal address access in appendacs CVE-2017-11112. Dereferencing NULL pointer in ncparseentry CVE-2017-11113. Fix infinite...
Username Anarchy - Username Tools For Penetration Testing
Tools for generating usernames when penetration testing. Usernames are half the password brute force problem. This is useful for user account/password brute force guessing and username enumeration when usernames are based on the users' names. By attempting a few weak passwords across a large set ...
ruby: Buffer underrun vulnerability in Kernel.sprintf
A buffer underflow was found in ruby's sprintf function. An attacker, with ability to control its format string parameter, could send a specially crafted string that would disclose heap memory or crash the interpreter...