Lucene search
K

8517 matches found

Debian CVE
Debian CVE
added 2014/02/10 5:0 p.m.36 views

CVE-2012-3406

The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string...

6.8CVSS7.4AI score0.03163EPSS
Exploits0
Debian CVE
Debian CVE
added 2014/02/10 5:0 p.m.20 views

CVE-2011-4930

Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service condorschedd daemon and failure to launch jobs and possibly execute arbitrary code via...

4.4CVSS7.5AI score0.00586EPSS
Exploits0
Debian CVE
Debian CVE
added 2014/02/10 5:0 p.m.33 views

CVE-2012-3404

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library aka glibc 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string protection mechanism and cause a denial of service stack...

5CVSS6.4AI score0.02225EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2014/02/03 12:0 a.m.1 views

Solaris rwalld Format String - Ver2 (CVE-2002-0573)

A format string vulnerability has been reported in Sun Solaris. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2AI score0.09217EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/01/27 12:0 a.m.44 views

Fedora 19 : rubygem-actionmailer-3.2.13-2.fc19 / rubygem-actionpack-3.2.13-4.fc19 / etc (2014-0970)

Avoid potential format string vulnerabilities where user-provided data is interpolated into the log message before String% is called. CVE-2013-4389. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted t...

4.3CVSS8.2AI score0.03135EPSS
Exploits1References5
NVD
NVD
added 2014/01/26 1:55 a.m.22 views

CVE-2013-7296

The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler before 0.24.5 does not use the correct specifier within a format string, which allows context-dependent attackers to cause a denial of service segmentation fault and application crash via a crafted PDF file...

5CVSS6.1AI score0.02231EPSS
Exploits0References9
Prion
Prion
added 2014/01/26 1:55 a.m.28 views

Format string

The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler before 0.24.5 does not use the correct specifier within a format string, which allows context-dependent attackers to cause a denial of service segmentation fault and application crash via a crafted PDF file...

5CVSS6.7AI score0.02231EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2014/01/26 1:0 a.m.30 views

CVE-2013-7296

The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler before 0.24.5 does not use the correct specifier within a format string, which allows context-dependent attackers to cause a denial of service segmentation fault and application crash via a crafted PDF file...

5CVSS5.9AI score0.02231EPSS
Exploits0
NVD
NVD
added 2014/01/24 4:55 p.m.23 views

CVE-2013-1886

Format string vulnerability in the token processing system pki-tps in Red Hat Certificate System RHCS 8.1 and possibly Dogtag Certificate System 9 and 10 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in...

7.5CVSS7.3AI score0.0222EPSS
Exploits0References5
Prion
Prion
added 2014/01/24 4:55 p.m.17 views

Format string

Format string vulnerability in the token processing system pki-tps in Red Hat Certificate System RHCS 8.1 and possibly Dogtag Certificate System 9 and 10 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in...

7.5CVSS7.8AI score0.0222EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2014/01/24 4:0 p.m.67 views

CVE-2013-1886

CVE-2013-1886 is a format-string vulnerability in Red Hat Certificate System (RHCS) pki-tps (token processing system). The flaw, affecting RHCS 8.1 and possibly Dogtag Certificate System 9–10, could allow a remote authenticated user to crash the Apache HTTP Server or potentially execute arbitrary...

7.5CVSS7.5AI score0.0222EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2014/01/24 4:0 p.m.30 views

CVE-2013-1886

Format string vulnerability in the token processing system pki-tps in Red Hat Certificate System RHCS 8.1 and possibly Dogtag Certificate System 9 and 10 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in...

7.3AI score0.0222EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/01/24 12:0 a.m.31 views

Fedora 20 : qt3-3.3.8b-56.fc20 (2013-22847)

This update fixes CVE-2013-4549 XML Entity Expansion Denial of Service in Qt 3. See the Qt Project Security Advisory for details: http://lists.qt-project.org/pipermail/announce/2013-December/000036.ht ml In addition, this update fixes : - QTBUG-35459, a too low character limit for XML entities...

5CVSS6.2AI score0.03105EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/01/24 12:0 a.m.38 views

Fedora 19 : qt3-3.3.8b-56.fc19 (2013-22883)

This update fixes CVE-2013-4549 XML Entity Expansion Denial of Service in Qt 3. See the Qt Project Security Advisory for details: http://lists.qt-project.org/pipermail/announce/2013-December/000036.ht ml In addition, this update fixes : - QTBUG-35459, a too low character limit for XML entities...

5CVSS6.2AI score0.03105EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/01/13 12:0 a.m.13 views

Fedora 19 : mingw-poppler-0.22.5-2.fc19 (2014-0204)

Fix DoS due to a format string error. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

5.5AI score
Exploits0References2
0day.today
0day.today
added 2014/01/12 12:0 a.m.32 views

ACE Stream Media 2.1 - (acestream://) Format String Exploit PoC

Exploit for multiple platform in category local exploits ACE Stream Media 2.1 acestream:// Format String Exploit PoC Vendor: ACE Stream Product web page: http://www.acestream.org Affected version: Ace Player HD 2.1.9 VLC 2.0.5 Summary: Ace Stream is an innovative multimedia platform of a new...

6.9AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/01/07 12:0 a.m.3 views

NetWin SurgeMail Webmail Server page Parameter Format String - Ver2 (CVE-2008-1055)

A format string vulnerability has been reported in NetWin SurgeMail and WebMail. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.3AI score0.07946EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2014/01/07 12:0 a.m.2 views

Solaris rwalld Format String - Ver2 (CVE-2002-0573)

A format string vulnerability has been reported in Sun Solaris. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.2AI score0.09217EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/01/06 12:0 a.m.35 views

Fedora 20 : poppler-0.24.3-3.fc20 (2014-0156)

Use correct format string for a syntax error. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

5CVSS5.4AI score0.02231EPSS
Exploits0References3
seebug.org
seebug.org
added 2014/01/06 12:0 a.m.27 views

Ace Stream Media "acestream://"格式字符串漏洞

Ace Stream Media是新一代的创新媒体平台。 该漏洞是由于解析“acestream://”URI时格式字符串错误,攻击者可以利用通过含“acestream://”流URI的播放列表文件漏洞破坏内存。 0 Ace Stream Media 2.x 目前厂商暂无提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://acestream.org/ ACE Stream Media 2.1 acestream:// Format String Exploit PoC Vendor: ACE Stream Product web page:...

7.1AI score
Exploits0
Rows per page
Query Builder