47 matches found
Use of Externally-Controlled Format String
Overview Affected versions of this package are vulnerable to Use of Externally-Controlled Format String in the timeofday function when processing crafted timezone zones. An attacker can access portions of server memory by supplying specially crafted input to the timeofday function. Remediation A...
Use of Externally-Controlled Format String
Overview json is a JSON implementation as a Ruby extension in C. Affected versions of this package are vulnerable to Use of Externally-Controlled Format String in JSON.parsedoc, allowduplicatekey: false. An attacker can cause denial of service or disclose sensitive information via malicious forma...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2025-53407)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50397)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed the vulnerability i...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50403)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
EUVD-2024-45081
Malicious code in bioql PyPI...
EUVD-2024-54211
Malicious code in bioql PyPI...
EUVD-2022-7269
Malicious code in bioql PyPI...
EUVD-2024-38055
Malicious code in bioql PyPI...
EUVD-2024-21344
Malicious code in bioql PyPI...
EUVD-2024-45079
Malicious code in bioql PyPI...
EUVD-2024-41441
Malicious code in bioql PyPI...
Use of Externally-Controlled Format String
Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
CVE-2025-40600
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption...
CVE-2025-22482
A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed the vulnerability in the following version:...
CVE-2024-50399
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
CVE-2024-50396
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QT...
CVE-2023-21420
Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution...
PT-2024-10311 · Qnap · Qnap Qts +1
Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.2.2.2950 build 20241114 QNAP QuTS hero versions prior to 5.2.2.2952 build 20241116 Description: A use of externally-controlled format string issue has been reported to affect several QNAP operating system versions...
CVE-2024-50400
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...