8515 matches found

Tenable Nessus
added 2024/05/22 12:0 a.m. | 42 views

Fortinet Fortigate Format String Bug in cli command (FG-IR-23-137)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-23-137 advisory. - A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through...

CVSS 7.2 | AI score 5.9 | EPSS 0.00654
Exploits 0 | References 3

Tenable Nessus
added 2024/05/22 12:0 a.m. | 25 views

Fortinet Fortigate - Format String in CLI command (FG-IR-23-413)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-413 advisory. - A use of externally-controlled format string vulnerability CWE-134 in FortiOS version 7.4.1 and below, version 7.2.7 and...

CVSS 6.7 | AI score 6.2 | EPSS 0.00771
Exploits 0 | References 2

Tenable Nessus
added 2024/05/22 12:0 a.m. | 23 views

Fortinet FortiWeb Format string vulnerability in the CLI (FG-IR-22-187)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-187 advisory. - A use of externally-controlled format string in Fortinet FortiWeb version 7.0.0 through 7.0.1, FortiWeb 6.4 all versions...

CVSS 7.8 | AI score 7.7 | EPSS 0.00249
Exploits 0 | References 2

BDU FSTEC
added 2024/05/17 12:0 a.m. | 5 views

The vulnerabilities of the FortiOS command-line interpreter, the FortiSwitchManager local management platform, and the FortiProxy proxy server for protecting against internet attacks allow attackers to execute arbitrary code.

The vulnerability of the FortiOS command-line interpreter, the local management platform FortiSwitchManager, and the FortiProxy proxy server for protecting against Internet attacks is related to the use of uncontrolled format strings in processing binary files. Exploiting this vulnerability allow...

CVSS 6.7 | AI score 6 | EPSS 0.00654
Exploits 0 | References 2 | Affected Software 4

NVD
added 2024/05/14 5:15 p.m. | 26 views

CVE-2023-45583

A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0.0 through 6.0.16, FortiPAM 1.1.0, FortiPAM 1.0 all versions, FortiProxy 7.2.0 through 7.2.5,...

CVSS 7.2 | AI score 6.9 | EPSS 0.00654
Exploits 0 | References 1

OSV
added 2024/05/14 5:15 p.m. | 4 views

CVE-2023-45583

A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13,...

CVSS 7.2 | AI score 5.9 | EPSS 0.00654
Exploits 0 | References 1

OSV
added 2024/05/14 5:15 p.m. | 2 views

CVE-2023-36640

A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0...

CVSS 6.7 | AI score 5.9 | EPSS 0.00276
Exploits 0 | References 1

NVD
added 2024/05/14 5:15 p.m. | 27 views

CVE-2023-36640

A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0.0 through 6.0.16, FortiPAM 1.1.0, FortiPAM 1.0 all versions, FortiProxy 7.2.0 through 7.2.5,...

CVSS 6.7 | AI score 6.8 | EPSS 0.00276
Exploits 0 | References 1

Cvelist
added 2024/05/14 4:19 p.m. | 26 views

CVE-2023-36640

A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0.0 through 6.0.16, FortiPAM 1.1.0, FortiPAM 1.0 all versions, FortiProxy 7.2.0 through 7.2.5,...

CVSS 6.7 | AI score 7 | EPSS 0.00276
Exploits 0 | References 1

CVE
added 2024/05/14 4:19 p.m. | 65 views

CVE-2023-36640

CVE-2023-36640 describes a use of externally-controlled format string in Fortinet FortiProxy and related Fortinet products, enabling an attacker to execute unauthorized code or commands via specially crafted commands. Affected software includes FortiProxy versions 7.2.0–7.2.4, 7.0.0–7.0.12, 2.0.0...

CVSS 6.7 | AI score 6.8 | EPSS 0.00276
Exploits 0 | References 1 | Affected Software 1

Vulnrichment
added 2024/05/14 4:19 p.m. | 24 views

CVE-2023-36640

A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0.0 through 6.0.16, FortiPAM 1.1.0, FortiPAM 1.0 all versions, FortiProxy 7.2.0 through 7.2.5,...

CVSS 6.7 | AI score 6.8 | EPSS 0.00276
Exploits 0 | References 1

Vulnrichment
added 2024/05/14 4:19 p.m. | 17 views

CVE-2023-45583

A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0.0 through 6.0.16, FortiPAM 1.1.0, FortiPAM 1.0 all versions, FortiProxy 7.2.0 through 7.2.5,...

CVSS 6.7 | AI score 6.8 | EPSS 0.00654
Exploits 0 | References 1

Cvelist
added 2024/05/14 4:19 p.m. | 28 views

CVE-2023-45583

A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0.0 through 6.0.16, FortiPAM 1.1.0, FortiPAM 1.0 all versions, FortiProxy 7.2.0 through 7.2.5,...

CVSS 6.7 | AI score 7.4 | EPSS 0.00654
Exploits 0 | References 1

CVE
added 2024/05/14 4:19 p.m. | 80 views

CVE-2023-45583

The CVE-2023-45583 vulnerability is a use of externally-controlled format string affecting Fortinet FortiProxy, FortiPAM, FortiOS, and FortiSwitchManager across multiple versions (e.g., FortiProxy 7.2.0–7.2.5, 7.0.x, 2.0.x, 1.x; FortiOS 7.x and 6.x; FortiPAM 1.x; FortiSwitchManager 7.x). The unde...

CVSS 7.2 | AI score 6.8 | EPSS 0.00654
Exploits 0 | References 1 | Affected Software 1

Positive Technologies
added 2024/05/14 12:0 a.m. | 4 views

PT-2024-3554

Name of the Vulnerable Software and Affected Versions: FortiProxy versions 1.0.0 through 1.2.13; FortiProxy versions 2.0.0 through 2.0.13; FortiProxy versions 7.0.0 through 7.2.4; FortiPAM versions 1.0.0 through 1.0.3; FortiOS versions 6.0.0 through 6.4.14; FortiOS versions 7.0.0 through 7.2.0...

CVSS 6.7 | AI score 7.1 | EPSS 0.00276
Exploits 0 | References 10

Tenable Nessus
added 2024/05/11 12:0 a.m. | 23 views

RHEL 7 : mariadb (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mariadb: CONNECT storage engine heap-based buffer overflow CVE-2022-24052 - getsortbytable in MariaDB...

AI score 8.7 | EPSS 0.02357
Exploits 35 | References 46

Positive Technologies
added 2024/05/09 12:0 a.m. | 3 views

PT-2024-4558

Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions prior to 10.03.1. Description: The vulnerability in Artifex Ghostscript is related to a format string injection in the uniprint device, which can lead to memory corruption and allow an attacker to bypass the -dSAFER...

CVSS 6.3 | AI score 8.2 | EPSS 0.27992
Exploits 6 | References 122

OSV
added 2024/05/09 12:0 a.m. | 0 views

UBUNTU-CVE-2024-29510

Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device...

CVSS 6.3 | AI score 7.3 | EPSS 0.27992
Exploits 6 | References 4

OSV
added 2024/05/07 11:15 p.m. | 1 views

CVE-2021-34970

Foxit PDF Reader print Method Use of Externally-Controlled Format String Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in...

CVSS 5.5 | AI score 5 | EPSS 0.00331
Exploits 0 | References 2

CVE
added 2024/05/07 10:54 p.m. | 71 views

CVE-2021-34970

CVE-2021-34970 (Foxit PDF Reader / PhantomPDF) is a vulnerability where the print method mishandles a user-supplied string used as a format specifier, due to improper validation. This leads to information disclosure on affected Foxit PDF Reader/PhantomPDF installations and, per sources, can be le...

CVSS 5.5 | AI score 3.5 | EPSS 0.00331
Exploits 0 | References 2 | Affected Software 2