PT-2023-8709 · Zyxel · Zyxel Usg Flex Series +3
Name of the Vulnerable Software and Affected Versions: Zyxel ATP series versions 4.32 through 5.37 Patch 1; Zyxel USG FLEX series versions 4.50 through 5.37 Patch 1; Zyxel USG FLEX 50W series versions 4.16 through 5.37 Patch 1; Zyxel USG20W-VPN series versions 4.16 through 5.37 Patch 1; Zyxel USG FLE...
Format string
wire-avs provides Audio, Visual, and Signaling (AVS) functionality for the secure messaging software Wire. Prior to versions 9.2.22 and 9.3.5, a remote format string vulnerability could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. The issue has bee...
CVE-2023-48221 wire-avs remote format string vulnerability
wire-avs provides Audio, Visual, and Signaling (AVS) functionality for the secure messaging software Wire. Prior to versions 9.2.22 and 9.3.5, a remote format string vulnerability could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. The issue has bee...
CVE-2023-48221
CVE-2023-48221 affects wire-avs (AVS component of Wire). A remote format string vulnerability in Wire’s AVS prior to versions 9.2.22 and 9.3.5 could potentially cause a denial of service or, possibly, execute arbitrary code. The issue has been fixed in wire-avs 9.2.22 and 9.3.5 and is already inc...
PT-2023-30738 · Wire-Avs · Wire-Avs
Name of the Vulnerable Software and Affected Versions: wire-avs versions prior to 9.2.22; wire-avs versions prior to 9.3.5. Description: A remote format string issue could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. Recommendations: For versions...
The vulnerabilities of the input/output modules in the Rsyslog log-processing utility allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the input/output modules of the Rsyslog log processing software is related to insufficient handling of the format string. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...
The vulnerability of the yajl_string_decode function in the yajl_encode.c component of the YAJL-ruby library allows an attacker to cause a service failure.
The vulnerability of the yajl_string_decode function in the yajl_encode.c component of the YAJL-ruby library is related to insufficient processing of the format string. Exploiting this vulnerability could allow a malicious actor to cause a service failure by using a specially crafted JSON file...
The vulnerability of the STST TA component in Samsung Teegris’ Android operating system allows a hacker to execute arbitrary code.
The vulnerability of the STST TA component in Samsung Teegris’ Android operating system security system is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
mariadb: lack of proper validation of a user-supplied string before using it as a format specifier
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...
RockyLinux 8 : mariadb:10.5 (RLSA-2022:5826)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5826 advisory. - mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used (CVE-2021-46669) - mariadb:...
Rocky Linux 8 : libinput (RLSA-2022:5331)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:5331 advisory. - A format string vulnerability was found in libinput (CVE-2022-1215). Note that Nessus has not tested for this issue but has instead relied only on the application...
libinput: format string vulnerability when using xf86-input-libinput
Background: A library to handle input devices in Wayland and, via xf86-input-libinput, in X.org. Description: An attacker may be able to run malicious code by exploiting a format string vulnerability. Please review the CVE identifier referenced below for details. Impact: When a device is detected by...
GLSA-202310-14 : libinput: format string vulnerability when using xf86-input-libinput
The remote host is affected by the vulnerability described in GLSA-202310-14 (libinput: format string vulnerability when using xf86-input-libinput) - A format string vulnerability was found in libinput (CVE-2022-1215). Note that Nessus has not tested for this issue but has instead relied only on the...
CVE-2023-5746
A vulnerability regarding use of externally-controlled format string is found in the cgi component. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.5-0185 may be affected: BC500 and TC500...
Format string
A vulnerability regarding use of externally-controlled format string is found in the cgi component. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.5-0185 may be affected: BC500 and TC500...
CVE-2022-26941
A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution inside the tedsapp...
Format string
A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution inside the tedsapp...
CVE-2022-26941 Format string vulnerability in AT+CTGL command in Motorola MTM5000
A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution inside the tedsapp...