EUVD-2018-12145

Malware in sbrugna...

EUVD-2011-1588

Malware in sbrugna...

ROS-20250930-07

Vulnerability of ImageMagick console graphic editor related to format string error in function "InterpretImageFilename" function. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code on the target system, execute arbitrary code on the target system Vulnerabili...

CVE-2025-38528 bpf: Reject %p% format string in bprintf-like helpers

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject %p% format string in bprintf-like helpers static const char fmt = "%p%"; bpftraceprintkfmt, sizeoffmt; The above BPF program isn't rejected and causes a kernel warning at runtime: Please remove unsupported %\x00 in...

QNAP Systems QTS和QNAP Systems QuTS hero 格式化字符串错误漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are both products of China Weilian Technology QNAP Systems.QNAP Systems QTS is an entry operating system.QNAP Systems QuTS hero is an operating system. A format string error vulnerability exists in QNAP Systems QTS prior to version 5.2.1.2930 build...

Zyxel ATP Formatting String Error Vulnerability

Zyxel ATP is a firewall from China Heqin Zyxel. A format string error vulnerability exists in Zyxel ATP versions 4.32 through 5.37 Patch 1, which stems from a format string vulnerability in the IPSec VPN feature...

Fortinet FortiOS 格式化字符串错误漏洞

Fortinet FortiOS is a Fortinet security operating system dedicated to the FortiGate network security platform. Fortinet FortiProxy is a secure network proxy that protects employees from network attacks by combining a variety of detection technologies such as Web filtering, DNS filtering, DLP,...

Triangle MicroWorks SCADA Data Gateway 格式化字符串错误漏洞

Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product from Triangle MicroWorks, Inc. A formatting string error vulnerability exists in Triangle MicroWorks SCADA Data Gateway, which can be exploited by an attacker to execute arbitrary code and gain host privileges...

D-Link DIR-1935 格式化字符串错误漏洞

The D-Link DIR-1935 is a wireless router from China-based AUO D-Link. The D-Link DIR-1935 suffers from a Format String Error vulnerability that arises from failure to properly validate a user-supplied string before using it as a format descriptor...

Fortinet FortiWeb 格式化字符串错误漏洞

Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures web applications and protects sensitive database content. A formatted string error vulnerability exist...

SUSE CVE-2008-7159

The silcasn1encoder function in lib/silcasn1/silcasn1encode.c in Secure Internet Live Conferencing SILC Toolkit before 1.1.8 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted OID value, related to incorrect use of a %lu format string...

SUSE CVE-2011-1588

Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error...

SUSE CVE-2018-16554

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAGGPSALT handling...

Abode Iota 格式化字符串错误漏洞

Abode Iota is a reliable Diy home security system from Abode. Abode Iota All-In-One Security Kit versions 6.9X and 6.9Z have a format string error vulnerability that stems from a format string injection vulnerability in the XCMD testWifiAP feature, which allows an attacker to modify the...

Abode Iota 格式化字符串错误漏洞

Abode Iota is a reliable Diy home security system from Abode. A format string error vulnerability exists in Abode Iota versions 6.9X and 6.9Z, which stems from the fact that an attacker can send a malicious XML payload to its XCMD getVarHA function resulting in memory corruption, information...

MariaDB 格式化字符串错误漏洞

MariaDB is a free and open source database management system from the MariaDB Mariadb Foundation and a forked version of MySQL with the Maria storage engine. A format string error vulnerability exists in MariaDB due to a format string error in the CONNECT function implementation. A remote user wi...

Unitrends Backup Formatting String Error Vulnerability

Unitrends Backup is designed to eliminate data loss, ransomware and risk. A format string error vulnerability exists in versions of Unitrends Backup prior to 10.5.5, which stems from the creation of an HTTP request that could trigger a format string vulnerability in a privileged vaultServer...

Tcl 格式化字符串错误漏洞

Tcl is a free and available open source package. It provides a powerful platform for creating integrated applications that tie together various applications, protocols, devices, and frameworks. A format string error vulnerability exists in Tcl version 8.6.11, which stems from a format string...

Weidmueller Industrial WLAN devices formatting string error vulnerability

Weidmueller Industrial WLAN devices is an industrial WIAN from Weidmueller, Germany. A Format String Error vulnerability exists in Weidmueller Industrial WLAN devices, which stems from a specially crafted time server entry that can lead to a time server buffer overflow that can be exploited by an...

Weidmueller Industrial WLAN 格式化字符串错误漏洞

Weidmueller Industrial WLAN devices is an industrial WIAN from Weidmueller, Germany. A Format String Error vulnerability exists in Weidmueller Industrial WLAN devices, which stems from a specially crafted time server entry that can lead to a time server buffer overflow that can be exploited by an...