SUSE CVE-2021-30145

A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file...

SUSE CVE-2021-35331

In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. NOTE: multiple third parties dispute the significance of this finding...

SUSE CVE-2022-1215

A format string vulnerability was found in libinput...

SUSE CVE-2022-4639

A vulnerability, which was classified as critical, has been found in sslh. This issue affects the function hexdump of the file probe.c of the component Packet Dumping Handler. The manipulation of the argument msginfo leads to format string. The attack may be initiated remotely. The name of the...

SUSE CVE-2022-24051

MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...

CVE-2022-43869

IBM Spectrum Scale 5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1 and IBM Elastic Storage System 6.1.0.0 through 6.1.2.4 and 6.1.3.0 through 6.1.4.1 could allow an authenticated user to cause a denial of service through the GUI using a format string attack. IBM X-Force ID: 239539...

CVE-2022-43869

IBM Spectrum Scale 5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1 and IBM Elastic Storage System 6.1.0.0 through 6.1.2.4 and 6.1.3.0 through 6.1.4.1 could allow an authenticated user to cause a denial of service through the GUI using a format string attack. IBM X-Force ID: 239539...

Format string

IBM Spectrum Scale 5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1 and IBM Elastic Storage System 6.1.0.0 through 6.1.2.4 and 6.1.3.0 through 6.1.4.1 could allow an authenticated user to cause a denial of service through the GUI using a format string attack. IBM X-Force ID: 239539...

PT-2023-20158

Name of the Vulnerable Software and Affected Versions DataHub affected versions not specified Description The issue concerns the AuthServiceClient in DataHub, which is responsible for managing accounts and authentication. It crafts JSON strings using format strings with user-controlled data,...

CVE-2023-21420

Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution...

CVE-2023-21420

Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution...

Format string

Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution...

CVE-2023-21420

Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution...

CVE-2023-21420

Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution...

CVE-2023-21420

Technical details for CVE-2023-21420 are not publicly available in the provided documents. The entries mention an externally controlled format string issue in STST TA with arbitrary code execution but do not specify products, versions, impact, or fixes. Monitor for updates.

CVE-2022-43869 IBM Spectrum Scale denial of service

IBM Spectrum Scale 5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1 and IBM Elastic Storage System 6.1.0.0 through 6.1.2.4 and 6.1.3.0 through 6.1.4.1 could allow an authenticated user to cause a denial of service through the GUI using a format string attack. IBM X-Force ID: 239539...

CVE-2022-43869

Summary: CVE-2022-43869 affects IBM Spectrum Scale (versions 5.1.0.0–5.1.2.8 and 5.1.3.0–5.1.5.1) and IBM Elastic Storage System (ESS) (6.1.0.0–6.1.2.4 and 6.1.3.0–6.1.4.1). An authenticated user can cause a denial of service through the GUI by exploiting a format-string vulnerability in the GUI ...

SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow

Summary The SOUND4 Link&Share L&S is a simple and open protocol that allow users to remotely control SOUND4 processors through a network connection. SOUND4 offers a tool that manage sending L&S commands to your processors: the Link&Share Transmitter. Description The application suffers from a...

New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products

F5 has warned of a high-severity flaw impacting BIG-IP appliances that could lead to denial-of-service DoS or arbitrary code execution. The issue is rooted in the iControl Simple Object Access Protocol SOAP interface and affects the following versions of BIG-IP - 13.1.5 14.1.4.6 - 14.1.5 15.1.5.1...

CVE-2023-22374

A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary. Note...