8515 matches found
CVE-2025-38528
CVE-2025-38528: In the Linux kernel, a BPF format-string handling flaw in bpf_bprintf_prepare could fail to reject a crafted %\x00 sequence, allowing a runtime kernel warning when a BPF program uses %p% (as shown by the example). A patch fixes this by ensuring punctuation isn’t skipped during pro...
CVE-2025-38528
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject %p% format string in bprintf-like helpers static const char fmt = "%p%"; bpftraceprintkfmt, sizeoffmt; The above BPF program isn't rejected and causes a kernel warning at runtime: Please remove unsupported %\x00 in...
CVE-2025-38528 bpf: Reject %p% format string in bprintf-like helpers
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject %p% format string in bprintf-like helpers static const char fmt = "%p%"; bpftraceprintkfmt, sizeoffmt; The above BPF program isn't rejected and causes a kernel warning at runtime: Please remove unsupported %\x00 in...
PT-2025-33571
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the BPF subsystem where the %p% format string in bprintf-like helpers is not rejected. This results in a kernel warning at runtime, specifically...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the bpf rejection of the %p% format string, which may result in a kernel warning...
CVE-2012-10055
ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending a specially crafted username containing format specifiers, a remote attacker can overwrite a hardcoded function pointer in memory specifically WSACleanup from Ws232.dll...
CVE-2012-10055
ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending a specially crafted username containing format specifiers, a remote attacker can overwrite a hardcoded function pointer in memory specifically WSACleanup from Ws232.dll...
CVE-2012-10055 ComSndFTP v1.3.7 Beta USER Format String RCE
ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending a specially crafted username containing format specifiers, a remote attacker can overwrite a hardcoded function pointer in memory specifically WSACleanup from Ws232.dll...
CVE-2012-10055 ComSndFTP v1.3.7 Beta USER Format String RCE
ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending a specially crafted username containing format specifiers, a remote attacker can overwrite a hardcoded function pointer in memory specifically WSACleanup from Ws232.dll...
CVE-2012-10055
CVE-2012-10055 affects ComSndFTP FTP Server v1.3.7 Beta. The vulnerability is a format-string flaw in the handling of the USER command that can overwrite a hardcoded function pointer (WSACleanup from Ws2_32.dll) in memory, enabling an attacker to redirect control flow and bypass DEP via a ROP cha...
ComSndFTP FTP Server 安全漏洞
ComSndFTP FTP Server is an FTP server software from ComSndFTP, Inc. A security vulnerability exists in ComSndFTP FTP Server version 1.3.7 Beta that stems from a format string vulnerability in the handling of the USER command, which could lead to the execution of arbitrary code...
PT-2025-33090 · Unknown +1 · Comsndftp Ftp Server +1
Name of the Vulnerable Software and Affected Versions: ComSndFTP FTP Server version 1.3.7 Beta Description: ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. Sending a specially crafted username with format specifiers allows a remo...
CVE-2025-40600
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption...
CVE-2025-40600
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption...
CVE-2025-40600
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption...
CVE-2025-46123
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where the authenticated configuration endpoint /admin/conf.jsp writes the Wi-Fi guest password to memory with snprintf using the attacker-supplied...
CVE-2025-46121
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions stamgrcfgadptaddStaFavourite and stamgrcfgadptaddStaIot pass a client hostname directly to snprintf as the format string. A remote attacker can exploit this flaw either by sendin...
CVE-2025-46123
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where the authenticated configuration endpoint /admin/conf.jsp writes the Wi-Fi guest password to memory with snprintf using the attacker-supplied...
CVE-2025-46121
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions stamgrcfgadptaddStaFavourite and stamgrcfgadptaddStaIot pass a client hostname directly to snprintf as the format string. A remote attacker can exploit this flaw either by sendin...
CVE-2025-46121
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions stamgrcfgadptaddStaFavourite and stamgrcfgadptaddStaIot pass a client hostname directly to snprintf as the format string. A remote attacker can exploit this flaw either by sendin...