768 matches found

CNVD
added 2019/09/23 12:0 a.m., 3 views

Multiple Schneider Electric Products Formatting String Error Vulnerability

Schneider Electric MEG6501-0001-U.motion KNX server and others are a web-based visualization system from Schneider Electric France. The system is mainly used for KNX-based home and building automation. A formatting string error vulnerability exists in several Schneider Electric products. An...

9.8 CVSS, 7.4 AI score, 0.01149 EPSS
Exploits 0, References 1

myhack58
added 2019/08/29 12:0 a.m., 107 views

Non-stack format string exploit techniques-vulnerability warning-the black bar safety net

Exploitation of stack-based format string vulnerabilities on Linux is explained in many places online, but few people have covered non-stack format string vulnerabilities. Using the playfmt challenge from the weekend's SUCTF competition as an example, this article details how format strings located in the bss segment or on the heap are used...

7 AI score
Exploits 0

OSV
added 2019/08/14 9:15 p.m., 1 view

CVE-2019-1204

An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a local or remote messag...

4.3 CVSS, 6.7 AI score, 0.04423 EPSS
Exploits 0, References 1

NVD
added 2019/08/14 9:15 p.m., 32 views

CVE-2019-1204

An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a local or remote messag...

4.3 CVSS, 5.6 AI score, 0.04423 EPSS
Exploits 0, References 1

Microsoft CVE
added 2019/08/13 7:0 a.m., 37 views

Microsoft Outlook Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a local or remote messag...

4.3 CVSS, 2.8 AI score, 0.04423 EPSS
Exploits 0

CNVD
added 2019/08/07 12:0 a.m., 3 views

cPanel Formatting String Error Vulnerability (CNVD-2019-33873)

cPanel is a Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A formatting string error vulnerability exists in cPanel. Detailed vulnerability details are not available at this time...

8.8 CVSS, 6.8 AI score, 0.01054 EPSS
Exploits 0, References 1

RedHat Linux
added 2019/08/06 12:47 p.m., 1 view

curl: Heap-based buffer over-read in the curl tool warning formatting

Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the toolmsgs.c:voutf function that may result in information exposure and denial of service...

9.1 CVSS, 7.5 AI score, 0.02099 EPSS
Exploits 0, References 5

CNVD
added 2019/07/31 12:0 a.m., 3 views

cPanel Formatting String Error Vulnerability (CNVD-2019-33888)

cPanel is a Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A formatting string error vulnerability exists in cPanel. No details of the vulnerability are available at this time...

3.3 CVSS, 6.8 AI score, 0.00408 EPSS
Exploits 0, References 1

CNVD
added 2019/07/31 12:0 a.m., 2 views

cPanel Formatting String Error Vulnerability (CNVD-2019-33887)

cPanel is a Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A formatting string error vulnerability exists in cPanel. Detailed vulnerability details are not available at this time...

3.3 CVSS, 6.8 AI score, 0.00408 EPSS
Exploits 0, References 1

CNVD
added 2019/07/22 12:0 a.m., 1 view

Unspecified Vulnerability in Akeo Consulting Rufus

Akeo Consulting Rufus is an open source formatting tool for USB drives and other storage devices. A security vulnerability exists in Akeo Consulting Rufus 3.0 and earlier versions. An attacker can exploit the vulnerability to execute arbitrary code with elevated privileges...

9.8 CVSS, 7.7 AI score, 0.03424 EPSS
Exploits 0, References 1

OSV
added 2019/07/01 2:15 a.m., 1 view

DEBIAN-CVE-2019-13118

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data...

5.3 CVSS, 7.1 AI score, 0.05147 EPSS
Exploits 0, References 1

ATTACKERKB
added 2019/07/01 2:15 a.m., 3 views

CVE-2019-13118

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data...

5.3 CVSS, 5.5 AI score, 0.05147 EPSS
Exploits 0, References 49

Vulnrichment
added 2019/07/01 1:27 a.m., 4 views

CVE-2019-13117

In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to an uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character...

6.8 AI score, 0.06457 EPSS
Exploits 0, References 13

OSV
added 2019/06/26 12:15 p.m., 1 view

CVE-2019-12966

FeHelper through 2019-06-19 allows arbitrary code execution during a JSON format operation, as demonstrated by the "a":functionconfirm1 input...

9.8 CVSS, 7.8 AI score, 0.02401 EPSS
Exploits 1, References 1

RedHat Linux
added 2019/06/18 7:8 p.m., 1 view

curl: Heap-based buffer over-read in the curl tool warning formatting

Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the toolmsgs.c:voutf function that may result in information exposure and denial of service...

9.1 CVSS, 7.5 AI score, 0.02099 EPSS
Exploits 0, References 5

Kitploit
added 2019/05/23 12:59 p.m., 108 views

Crosslinked - LinkedIn Enumeration Tool To Extract Valid Employee Names From An Organization Through Search Engine Scraping

CrossLinked simplifies the process of searching LinkedIn to collect valid employee names when performing password spraying or other security testing against an organization. Using similar search engine scraping capabilities found in tools like subscraper and pymeta, CrossLinked will find vali...

7.5 AI score
Exploits 0, References 3

CNVD
added 2019/05/23 12:0 a.m., 4 views

Motorola CX2 and Motorola M2 Formatting String Error Vulnerability

The Motorola M2 and Motorola CX2 are both products of Motorola, Inc. The Motorola M2 is a smartphone. The Motorola CX2 is a wireless router. A formatting string error vulnerability exists in scopd in Motorola CX2 version 1.01 and Motorola M2 version 1.01. There is an external control over the use o...

9.8 CVSS, 7 AI score, 0.01656 EPSS
Exploits 1, References 1

RedHat Linux
added 2019/05/16 12:57 p.m., 3 views

python-jinja2: str.format_map allows sandbox escape

A flaw was found in Jinja. Python string formatting could allow an attacker to escape the sandbox. The highest threat from this vulnerability is to data confidentiality and integrity and system availability...

8.6 CVSS, 7.3 AI score, 0.03603 EPSS
Exploits 1, References 5

Veracode
added 2019/05/02 5:12 a.m., 34 views

Buffer Overflow

PostgreSQL is an advanced object-relational database management system (DBMS). An information leak flaw was found in the way the PostgreSQL database server handled certain error messages. An authenticated database user could possibly obtain the results of a query they did not have privileges to...

9.8 CVSS, 8.3 AI score, 0.05533 EPSS
Exploits 0, References 9, Affected Software 2

Fedora
added 2019/04/17 4:5 p.m., 13 views

[SECURITY] Fedora 30 Update: simple-scan-3.32.2-2.fc30

Simple Scan is an easy-to-use application, designed to let users connect their scanner and quickly have the image/document in an appropriate format...

3 AI score
Exploits 0