CVE-2019-11287

Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be...

CVE-2012-0824

gnusound 0.7.5 has format string issue...

CVE-2012-0824

gnusound 0.7.5 has format string issue...

Format string

gnusound 0.7.5 has format string issue...

CVE-2012-0824

gnusound 0.7.5 has format string issue...

CVE-2012-0824

CVE-2012-0824 affects gnusound 0.7.5 with a format string issue (root cause: improper format string handling). Public data in the initial doc shows CVSS metrics: CVSS v2 base 7.5 (HIGH) and CVSS v3.1 base 9.8 (CRITICAL). No explicit exploitation details or affected versions beyond 0.7.5 are provi...

CVE-2011-1588

Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error...

CVE-2011-1588

Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error...

Format string

Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error...

CVE-2011-1588

Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error...

CVE-2011-1588

CVE-2011-1588 affects Thunar up to version 1.3.1, where a crash can occur when copying and pasting a file name containing % format characters due to a format string error. The root cause is a faulty format string handling in the relevant code path. The connected advisories indicate a fix in the O...

Cisco Ios Use of Externally-Controlled Format String

Format String vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code with elevated privileges o...

EulerOS 2.0 SP5 : udisks2 (EulerOS-SA-2019-2193)

According to the version of the udisks2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - UDisks 2.8.0 has a format string vulnerability in udiskslog in udiskslogging.c, allowing attackers to obtain sensitive information stack contents,...

Xen Project VCPUOP_initialise DoS (XSA-296)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service vulnerability due to poor handling of an invalid format string in 'hypercallcreatecontinuation'. This function can be reached via a long-running 'VCPUOPinitialise'...

ALPINE-CVE-2019-18420

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOPinitialise hypercall. hypercallcreatecontinuation is a variadic function which uses a printf-like format string to interpret its parameters. Error handling for a bad format...

VCPUOP_initialise DoS

ISSUE DESCRIPTION hypercallcreatecontinuation is a variadic function which uses a printf-like format string to interpret its parameters. Error handling for a bad format character was done using BUG, which crashes Xen. One path, via the VCPUOPinitialise hypercall, has a bad format character. The B...

NewStart CGSL CORE 5.04 / MAIN 5.04 : udisks2 Vulnerability (NS-SA-2019-0201)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has udisks2 packages installed that are affected by a vulnerability: - UDisks 2.8.0 has a format string vulnerability in udiskslog in udiskslogging.c, allowing attackers to obtain sensitive information stack contents, cause a...

CVE-2018-14661

It was found that usage of snprintf function in feature/locks translator of glusterfs server was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service...

CVE-2008-1333

Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 might allow remote attackers to execute arbitrary code via logging messages that are not properly handled by 1 the astverbose logging API call, or 2 the astmanappend function...

CVE-2008-5660

Format string vulnerability in the vinagreutilsshowerror function src/vinagre-utils.c in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response...