262 matches found
NETGEAR Nighthawk 安全漏洞
The NETGEAR Nighthawk WiFi6 Router is a series of wireless routers from NETGEAR. The NETGEAR Nighthawk WiFi6 Router suffers from a code execution vulnerability that stems from the device containing format strings in the SOAP service, which can be exploited by an attacker to execute arbitrary code...
SUSE CVE-2006-1905
Multiple format string vulnerabilities in xiTK xitk/main.c in xine 0.99.3 allow remote attackers to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file...
SUSE CVE-2006-2453
Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...
SUSE CVE-2007-3388
Multiple format string vulnerabilities in 1 qtextedit.cpp, 2 qdatatable.cpp, 3 qsqldatabase.cpp, 4 qsqlindex.cpp, 5 qsqlrecord.cpp, 6 qglobal.cpp, and 7 qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary code via format string specifier...
SUSE CVE-2018-7186
Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and...
Authentication flaw
DataHub is an open-source metadata platform. The AuthServiceClient which is responsible for creation of new accounts, verifying credentials, resetting them or requesting access tokens, crafts multiple JSON strings using format strings with user-controlled data. This means that an attacker may be...
The vulnerability of the RTSP-based microprogramming software for IP cameras such as VPort P16-1MP-M12, VPort P16-1MP-M12-IR, and VPort P06-1MP-M12 allows a intruder to cause a service failure.
The vulnerability of the RTSP microprogramming software-based IP camera models VPort P16-1MP-M12, VPort P16-1MP-M12-IR, and VPort P06-1MP-M12 lies in the use of uncontrolled format strings. Exploiting this vulnerability could allow a malicious actor to cause service failure...
PT-2022-5484 · Unknown · Vport P06-1Mp-M12 +1
Name of the Vulnerable Software and Affected Versions: VPort P16-1MP-M12, VPort P16-1MP-M12-IR, VPort P06-1MP-M12 affected versions not specified Description: The issue is related to the use of uncontrolled format strings in the RTSP service of the IP camera microprogram. Exploitation of this iss...
The vulnerability of NAS storage systems (Network Attached Storage) such as NAS326, NAS540, and NAS542 lies in the use of uncontrolled format strings, which allow attackers to execute arbitrary code.
The vulnerability of NAS storage systems Network Attached Storage such as NAS326, NAS540, and NAS542 is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using a specially created UDP packet...
CVE-2022-2652
Depending on the way the format strings in the card label are crafted it's possible to leak kernel stack memory. There is also the possibility for DoS due to the v4l2loopback kernel module crashing when providing the card label on request reproduce e.g. with many %s modifiers in a row...
CVE-2022-2652
CVE-2022-2652 concerns the v4l2loopback kernel module. The vulnerability arises from how format strings are crafted in the card label, allowing kernel stack memory leakage and, in some cases, a DoS via v4l2loopback crashing when the label is requested (e.g., with many %s modifiers). Multiple open...
PT-2022-17916 · Unknown +3 · V4L2Loopback +3
Name of the Vulnerable Software and Affected Versions: v4l2loopback affected versions not specified Description: The issue allows for potential kernel stack memory leakage due to improperly crafted format strings in the card label. Additionally, there is a possibility of a Denial of Service DoS...
The vulnerability of the sdp_media_set_lattr() function in the Wire Secure Messenger application, related to the use of uncontrolled format strings, allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the sdpmediasetlattr function in the Wire Secure Messenger messaging application is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause service failures...
The vulnerability of ASUS RT-AX88U Wi-Fi router’s microprogramming software, related to the use of uncontrolled format strings, allows a hacker to execute arbitrary code.
The vulnerability of ASUS RT-AX88U Wi-Fi router’s microprogramming software is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
CVE-2022-31753
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability...
Format string
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability...
CVE-2022-31753
The CVE-2022-31753 entry describes a vulnerability in the voice wakeup module where externally-controlled format strings can be exploited, potentially impacting system availability. Connected sources attribute the issue to Huawei/HarmonyOS implementations (notably HarmonyOS 2.0) and reiterate tha...
CVE-2022-31753
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability...
ROS-20220516-10
A vulnerability in the evdevlogmsg function of the libinput library's implementation of the X.Org and Wayland display server protocols is related to the use of uncontrolled format strings. Wayland is related to the use of uncontrolled format strings. Exploitation of the vulnerability could allow ...
openSUSE: Security Advisory for rust, (openSUSE-SU-2022:0843-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...