CVE-2017-9212

The Bluetooth stack on the BMW 330i 2011 allows a remote crash of the CD/Multimedia software via %x or %c format string specifiers in a device name...

CVE-2018-14713

Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to read arbitrary sections of memory and CPU registers via the "hook" URL parameter...

CVE-2012-0824

gnusound 0.7.5 has format string issue...

CVE-2016-10773

cPanel before 60.0.25 allows format-string injection in exception-message handling SEC-171...

CVE-2019-7228

The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack...

CVE-2010-4235

Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via vectors related to the x-wap-profile HTTP header...

CVE-2019-14412

Maketext in cPanel before 78.0.2 allows format-string injection in the DCV checkdomainsviadns UAPI SEC-474...

CVE-2011-2475

Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in Sybase OneBridge Mobile Data Suite 5.5 and 5.6 allows remote attackers to execute arbitrary code via format string specifiers in unspecified string fields,...

CVE-2018-10388

Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet...

CVE-2018-10389

Format string vulnerability in the logMess function in TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet...

CVE-2015-10088

A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function httpconnect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The...

CVE-2005-2237

Format string vulnerability in the swcons command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via long command line arguments...

CVE-2002-2155

Format string vulnerability in the error handling of IRC invite responses for Trillian 0.725 and 0.73 allows remote IRC servers to execute arbitrary code via an invite to a channel with format string specifiers in the name...

CVE-2005-4846

Format string vulnerability in Logger.cc for Spey 0.3.3 allows attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in a syslog call...

CVE-2008-7228

Multiple format string vulnerabilities in WhiteDune before 0.29beta851 have unspecified impact and attack vectors, a different vulnerability than CVE-2008-0101...

CVE-2006-6750

Format string vulnerability in XM Easy Personal FTP Server 5.0.1 allows remote attackers to cause a denial of service application crash via format string specifiers in a long PORT command. NOTE: this issue might be related to CVE-2006-2226...

CVE-2007-5561

Format string vulnerability in the logging function in the Oracle OPMN daemon, as used on Oracle Enterprise Grid Console server 10.2.0.1, allows remote attackers to execute arbitrary code via format string specifiers in the URI in an HTTP request to port 6003, aka Oracle reference number 6296175...

CVE-2004-2160

Format string vulnerability in xmlelem.c for XMLStarlet Command Line XML Toolkit 0.9.3 may allow attackers to cause a denial of service or execute arbitrary code...

CVE-2003-0784

Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers...

CVE-2005-2236

Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments...