8509 matches found
CVE-2019-14412
Maketext in cPanel before 78.0.2 allows format-string injection in the DCV checkdomainsviadns UAPI SEC-474...
CVE-2011-2475
Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in Sybase OneBridge Mobile Data Suite 5.5 and 5.6 allows remote attackers to execute arbitrary code via format string specifiers in unspecified string fields,...
CVE-2018-10388
Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet...
CVE-2018-10389
Format string vulnerability in the logMess function in TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet...
CVE-2015-10088
A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function httpconnect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The...
CVE-2005-2237
Format string vulnerability in the swcons command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via long command line arguments...
CVE-2002-2155
Format string vulnerability in the error handling of IRC invite responses for Trillian 0.725 and 0.73 allows remote IRC servers to execute arbitrary code via an invite to a channel with format string specifiers in the name...
CVE-2005-4846
Format string vulnerability in Logger.cc for Spey 0.3.3 allows attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in a syslog call...
CVE-2008-7228
Multiple format string vulnerabilities in WhiteDune before 0.29beta851 have unspecified impact and attack vectors, a different vulnerability than CVE-2008-0101...
CVE-2006-6750
Format string vulnerability in XM Easy Personal FTP Server 5.0.1 allows remote attackers to cause a denial of service application crash via format string specifiers in a long PORT command. NOTE: this issue might be related to CVE-2006-2226...
CVE-2007-5561
Format string vulnerability in the logging function in the Oracle OPMN daemon, as used on Oracle Enterprise Grid Console server 10.2.0.1, allows remote attackers to execute arbitrary code via format string specifiers in the URI in an HTTP request to port 6003, aka Oracle reference number 6296175...
CVE-2004-2160
Format string vulnerability in xmlelem.c for XMLStarlet Command Line XML Toolkit 0.9.3 may allow attackers to cause a denial of service or execute arbitrary code...
CVE-2003-0784
Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers...
CVE-2005-2236
Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments...
CVE-2002-2236
Format string vulnerability in the awplog function in apt-www-proxy 0.1 allows remote attackers to execute arbitrary code...
CVE-2002-1789
Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a call to the syslog function...
CVE-2005-3666
Multiple unspecified format string vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 IKEv1 have multiple unspecified attack vectors and impacts, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original...
CVE-2009-5141
Format string vulnerability in War FTP Daemon warftpd 1.82 RC 12 allows remote authenticated users to cause a denial of service crash via format string specifiers in a LIST command...
Alibaba Cloud Linux 3 : 0140: libinput (ALINUX3-SA-2022:0140)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0140 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-1215: A format string vulnerability was...
Amazon Linux AMI : ghostscript (ALAS-2025-1978)
The version of ghostscript installed on the remote host is prior to 8.70-24.35. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1978 advisory. PS interpreter - check the type of the Pattern Implementation NOTE:...