8511 matches found
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50400)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50403)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50399)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50401)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50396)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QT...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50398)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50402)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50397)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed the vulnerability i...
CLSA-2025-1765310613 python-jinja2: Fix of CVE-2024-56326
CVE-2024-56326: fix format string vulnerability impacting users of applications which execute untrusted template...
CLSA-2025-1765287413 python-jinja2: Fix of CVE-2024-56326
CVE-2024-56326: fix format string vulnerability impacting users of applications which execute untrusted template...
crackme-project
Crackme - Binary Exploitation Challenge Projektbeschreibun...
CVE-2025-11780
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated in...
CVE-2025-52666
Improper neutralisation of format characters in the settings of Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an administrator user to disable the admin user console due to a fatal PHP error...
CVE-2025-60686
ToToLink routers (A720R V4.1.5cu.614_B20230630; LR1200GB V9.1.0u.6619_B20230130; NR1800X V9.1.0u.6681_B20230703) contain a local stack-based buffer overflow in infostat.cgi and cstecgi.cgi. Both binaries parse /proc/net/arp using sscanf() with the %s specifier into fixed-size stack buffers withou...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: BPF: The %p% format string is rejected in bprintf-like helpers. static const char fmt = "%p%"; bpfTracePrintkkernel, fmt, sizeoffmt; The above BPF program is not rejected, but it causes a kernel warning at runtime: “Please remove...
Astra Linux - уязвимость в tcl8.6
In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. NOTE: multiple third parties dispute the significance of this finding...
mmc: core: use sysfs_emit() instead of sprintf()
...
CVE-2025-48826
A format string vulnerability exists in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to memory corruption. An attacker can send a series of HTTP requests to trigger this vulnerability...
CVE-2025-48826
A format string vulnerability exists in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to memory corruption. An attacker can send a series of HTTP requests to trigger this vulnerability...
CVE-2025-48826
A format string vulnerability exists in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to memory corruption. An attacker can send a series of HTTP requests to trigger this vulnerability...