CVE-2026-29974

An issue was discovered in kosma minmea 0.3.0. The minmeascan functions format specifier copies NMEA field data to a caller-provided buffer without a size parameter. Applications using minmeascan on untrusted input are vulnerable to a stack buffer overflow...

PT-2026-39143

Name of the Vulnerable Software and Affected Versions kosma minmea version 0.3.0 Description A stack buffer overflow exists in the minmea scan function. The format specifier within this function copies NMEA field data into a buffer provided by the caller without utilizing a size parameter. This c...

CLSA-2026-1775749004 ImageMagick: Fix of 4 CVEs

CVE-2026-25968: stack buffer overflow in MSL image-processing language via WriteMSLImage recursion - CVE-2026-25897: out-of-bounds heap write in SUN decoder on 32-bit systems via integer overflow in pixel buffer allocation - CVE-2025-53014: out-of-bounds read in InterpretImageFilename when...

CVE-2017-18694

An issue was discovered on Samsung mobile devices with software through 2016-10-25 Exynos5 chipsets. Attackers can read kernel addresses in the log because an incorrect format specifier is used. The Samsung ID is SVE-2016-7551 January 2017...

EUVD-2017-9785

Malware in sbrugna...

EUVD-2018-1813

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-1000052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fmtlib version prior to version 4.1.0 before commit 0555cea5fc0bf890afe0071a558e44625a34ba85 contains a Memory corruption SIGSEGV, CWE-134 vulnerability in...

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-53014: Fixed an off-by-one error may cause an out-of-bounds memory access bsc1246530 CVE-2025-53019: Fixed format specifiers in a filename template may cause a memory leak bsc1246534 CVE-2025-53101: Fixed input manipulation may lead...

PT-2025-22199

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the trace event verifier. The verifier checks the formats of trace events to ensure they do not point to memory that is...

(Pwn2Own) Silicon Labs Gecko OS Debug Interface Format String Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the debug interface. The issue results from the lack of proper...

CVE-2024-6145

Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exis...

EulerOS 2.0 SP8 : git (EulerOS-SA-2023-1594)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined b...

CVE-2022-43619

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

Design/Logic Flaw

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

PT-2021-20794 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. User interaction is required, where the target must visit a malicious page or open a...

CVE-2017-18694

An issue was discovered on Samsung mobile devices with software through 2016-10-25 Exynos5 chipsets. Attackers can read kernel addresses in the log because an incorrect format specifier is used. The Samsung ID is SVE-2016-7551 January 2017...

Format string

An issue was discovered on Samsung mobile devices with software through 2016-10-25 Exynos5 chipsets. Attackers can read kernel addresses in the log because an incorrect format specifier is used. The Samsung ID is SVE-2016-7551 January 2017...

CVE-2017-18694

CVE-2017-18694 affects Samsung mobile devices with Exynos5 software up to 2016-10-25. Root cause: an incorrect format specifier in the logging path allows reading kernel addresses from logs, enabling information disclosure. Impact per sources: kernel addresses disclosed; no exploitation details p...

CVE-2020-5204

In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...

Buffer overflow

In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...