CVE-2022-43953

A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS all versions 7.0, FortiOS all versions 6.4, FortiOS all versions 6.2, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7 allows attacker to execute unauthorized code o...

CVE-2022-43953

A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS all versions 7.0, FortiOS all versions 6.4, FortiOS all versions 6.2, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7 allows attacker to execute unauthorized code o...

CVE-2022-43953

A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS all versions 7.0, FortiOS all versions 6.4, FortiOS all versions 6.2, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7 allows attacker to execute unauthorized code o...

Fortinet FortiOS 格式化字符串错误漏洞

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content filtering, and anti-spam. A security...

Protect

A use of externally-controlled format string vulnerability CWE-134 in the Fclicense daemon of FortiOS may allow a remote authenticated attacker to execute arbitrary code or commands via specially crafted requests...

Protect

A format string vulnerability CWE-134 in the command line interpreter of FortiOS and FortiProxy may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments...

PT-2023-3353 · Fortinet · Fortiproxy +2

Name of the Vulnerable Software and Affected Versions: FortiOS versions 7.2.0 through 7.2.4 FortiOS versions 7.0.0 through 7.0.11 FortiOS versions 6.4.0 through 6.4.12 FortiOS versions 6.2.0 through 6.2.14 FortiOS versions 6.0.0 through 6.0.16 FortiProxy versions 7.2.0 through 7.2.4 FortiProxy...

Fortinet Fortigate Format String Bug in Fclicense daemon (FG-IR-23-119)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-119 advisory. - A use of externally-controlled format string in Fortinet FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through...

The vulnerability of the executable file GTWWebMonitor.exe in the SCADA system SCADA Data Gateway allows a intruder to trigger a service failure or execute arbitrary code.

The vulnerability of the GTWWebMonitor.exe executable in the SCADA system SCADA Data Gateway is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow a malicious actor to cause service interruptions or execute arbitrary code by sending specially crafted...

The vulnerability of FortiWeb web applications’ network firewalls, related to the use of an uncontrolled format string, allows attackers to execute arbitrary code.

The vulnerability of FortiWeb web applications’ network firewalls is related to the use of an uncontrolled format string. Exploiting this vulnerability could allow a hacker to execute arbitrary code...

CVE-2023-2186

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string...

Format string

On Triangle MicroWorks' SCADA Data Gateway version = v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads.An unauthenticated user can use this format string...

CVE-2023-2186

CVE-2023-2186 affects Triangle MicroWorks SCADA Data Gateway

Triangle MicroWorks SCADA Data Gateway 格式化字符串错误漏洞

Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle MicroWorks, Inc. A formatting string error vulnerability exists in Triangle MicroWorks SCADA Data Gateway, which can be exploited by an attacker to execute arbitrary code and gain host privileges...

PT-2023-3606 · Zyxel · Zyxel Usg Flex Series +4

Name of the Vulnerable Software and Affected Versions: Zyxel ATP series versions 5.10 through 5.36 Patch 2 Zyxel USG FLEX series versions 5.00 through 5.36 Patch 2 Zyxel USG FLEX 50W series versions 5.10 through 5.36 Patch 2 Zyxel USG20W-VPN series versions 5.10 through 5.36 Patch 2 Zyxel VPN...

The vulnerability of the Zyxel NBG-418N v2 Wi-Fi router’s microprogramming software, related to the use of uncontrolled format strings, allows a hacker to trigger a service failure.

The vulnerability of the microprogrammed Wi-Fi router Zyxel NBG-418N v2 lies in the use of uncontrolled format strings when processing binary files. Exploiting this vulnerability allows a remote attacker to cause service interruptions by sending specially crafted packets...

Huawei EulerOS: Security Advisory for tcl (EulerOS-SA-2023-1728)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.2.0 : tcl (EulerOS-SA-2023-1728)

According to the versions of the tcl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. NOTE: multiple third parti...

CVE-2023-21497

Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address...

Format string

Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address...