CVE-2024-4641 OnCell G3470A-LTE Series: Authenticated Format String Errors

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to accepting a format string from an external source as an argument. An attacker could modify an externally controlled format string to cause a memory leak and denial of service...

[SECURITY] Fedora 40 Update: jFormatString-0-0.49.20131227gitf159b88.fc40

This project is derived from Sun's implementation of java.util.Formatter. It is designed to allow compile time checks as to whether or not a use of a format string will be erroneous when executed at runtime...

openSUSE Security Update : perl-DBD-Pg (openSUSE-SU-2012:0422-1)

perl-DBD-Pg was prone to format string errors which could crash applications %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-180. The text description of this plugin is C SUSE LL...

GLSA-201405-19 : MCrypt: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201405-19 MCrypt: User-assisted execution of arbitrary code Multiple vulnerabilities have been discovered in MCrypt: A boundary error in MCrypt could cause a stack-based buffer overflow CVE-2012-4409. MCrypt contains multiple form...

MCrypt: User-assisted execution of arbitrary code

Background MCrypt is a replacement of the old unix crypt1 utility. Description Multiple vulnerabilities have been discovered in MCrypt: A boundary error in MCrypt could cause a stack-based buffer overflow CVE-2012-4409. MCrypt contains multiple format string errors CVE-2012-4426. MCrypt does not...

Slackware Advisory SSA:2007-222-03 qt

The remote host is missing an update as announced via advisory SSA:2007-222-03. OpenVAS Vulnerability Test $Id: esoftslkssa200722203.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware: Security Advisory (SSA:2007-222-03)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SILC Client Channel Name Format String Vulnerability

This host has SILC Client installed and is prone to Format String vulnerability. OpenVAS Vulnerability Test $Id: secpodsilcprdtschannelnameformatstringvuln.nasl 5122 2017-01-27 12:16:00Z teissa $ SILC Client & Toolkit Channel Name Format String Vulnerability Authors: Nikita MR Copyright: Copyrigh...

Gentoo Security Advisory GLSA 200502-24 (mc)

The remote host is missing updates announced in advisory GLSA 200502-24. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Slackware 10.2 / 11.0 / 12.0 : qt (SSA:2007-222-03)

New qt packages are available for Slackware 10.2, 11.0, and 12.0 to fix format string errors. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2007-222-03. The text itself is copyright C...

OWASP JBroFuzz 0.3 Fuzzer Released!

JBroFuzz is an OWASP Project that emerged from penetration testing. It deals with fuzzing stateless network protocols such as HTTP, SOAP, XML, LDAP, etc. Apart from fancy terminology, JBroFuzz 0.3 has inbuilt the following Generators ready to be used: basic cross site scripting checks XSS basic S...

clamav -- Multiple Vulnerabilities

Secunia reports: Some vulnerabilities have been reported in ClamAV, which potentially can be exploited by malicious people to cause a DoS Denial of Service and compromise a vulnerable system. An unspecified integer overflow error exists in the PE header parser in "libclamav/pe.c". Successful...

GLSA-200512-01 : Perl: Format string errors can lead to code execution

The remote host is affected by the vulnerability described in GLSA-200512-01 Perl: Format string errors can lead to code execution Jack Louis discovered a new way to exploit format string errors in Perl that could lead to the execution of arbitrary code. This is perfomed by causing an integer wra...

Emacs, XEmacs: Format string vulnerabilities in movemail

Background GNU Emacs and XEmacs are highly extensible and customizable text editors. movemail is an Emacs utility that can fetch mail on remote mail servers. Description Max Vozeler discovered that the movemail utility contains several format string errors. Impact An attacker could set up a...

emule/xmule/lmule multiple bugs

Multiple bugs including format string and buffer overflows...

Переполнение буфера в pmake (buffer overflow)

Переполнение буфре, ошибки форматной строки в приложении suid root на некоторых платформах...

Дырки в icecast

Ошибки форматной строки, переполнения буфера...

Серьезные дырки в cfengine

Многочисленные ошибки форматной строки позволяют получить root удаленно...

Дырки в TIS Firewall Toolkit

Многочисленные переполнения буфера и ошибки форматной строки...

Дырка в LPRng и lpr.

Ошибка форматной строки в lpd, причем последний работает как suid root. Кроме того ошибки форматной строки и преобразования данных в lpr...