
8509 matches found

ATTACKERKB
added 2022/09/08 10:3 p.m. · 2 views

CVE-2022-26392

The Baxter Spectrum WBM v16, v16D38 and Baxter Spectrum WBM v17, v17D19, v20D29 to v20D32 when in superuser mode is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information...

CVSS 6.5 · AI score 5.9 · EPSS 0.00555
Exploits: 0 · References: 2 · Affected Software: 1

ATTACKERKB
added 2022/09/08 10:3 p.m. · 2 views

CVE-2022-26393

The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information or cause a Denial of Service (DoS) on the WBM...

CVSS 8.1 · AI score 5.9 · EPSS 0.00574
Exploits: 0 · References: 2 · Affected Software: 1

CNNVD
added 2022/09/08 12:0 a.m. · 3 views

Baxter Spectrum Access Control Error Vulnerability

The Baxter Spectrum is an infusion pump from Baxter USA. An Access Control Error vulnerability exists in Baxter Spectrum WBM versions v16, v16D38, v17, v17D19, v20D29 through v20D32, which stems from vulnerability to a format string attack delivered via an application message, and can be used by ...

CVSS 5.5 · AI score 7 · EPSS 0.00336
Exploits: 0 · References: 4

CNNVD
added 2022/09/08 12:0 a.m. · 3 views

Baxter Spectrum Format String Error Vulnerability

Baxter Spectrum is an infusion pump from Baxter, Inc. A format string error vulnerability exists in the Baxter Spectrum WBM v20D29, which stems from vulnerability to a format string attack delivered via an application message, and can be used by an attacker to read memory in the WBM to access...

CVSS 8.1 · AI score 7.9 · EPSS 0.00574
Exploits: 0 · References: 4

CNNVD
added 2022/09/08 12:0 a.m. · 3 views

Baxter Spectrum Format String Error Vulnerability

Baxter Spectrum is an infusion pump from Baxter USA. A format string error vulnerability exists in the Baxter Sigma and Baxter Spectrum Infusion Pumps that stems from its susceptibility to a format string attack delivered via an application message resulting in an attacker being able to use it to...

CVSS 6.5 · AI score 7.3 · EPSS 0.00555
Exploits: 0 · References: 4

ICS
added 2022/09/08 12:0 a.m. · 41 views

Baxter Sigma Spectrum Infusion Pump (Update A)

1. EXECUTIVE SUMMARY: CVSS v3 7.5 (Update A part 1 of 3). ATTENTION: Exploitable remotely. Vendor: Baxter. Equipment: Sigma and Baxter Spectrum Infusion Pumps. Vulnerabilities: Missing Encryption of Sensitive Data, Use of Externally...

CVSS 8.1 · AI score 6.4 · EPSS 0.00574
Exploits: 0 · References: 5

The Hacker News
added 2022/09/07 5:28 a.m. · 92 views

Critical RCE Vulnerability Affects Zyxel NAS Devices — Firmware Patch Released

Networking equipment maker Zyxel has released patches for a critical security flaw impacting its network-attached storage (NAS) devices. Tracked as CVE-2022-34747 (CVSS score: 9.8), the issue relates to a "format string vulnerability" affecting NAS326, NAS540, and NAS542 models. Zyxel credited...

CVSS 9.8 · AI score 2.5 · EPSS 0.01532
Exploits: 4

OSV
added 2022/09/06 2:15 a.m. · 2 views

CVE-2022-34747

A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet...

CVSS 9.8 · AI score 6.3 · EPSS 0.01532
Exploits: 0 · References: 1

ATTACKERKB
added 2022/09/06 2:15 a.m. · 2 views

CVE-2022-34747

A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet...

CVSS 9.8 · AI score 6.6 · EPSS 0.01532
Exploits: 0 · References: 2 · Affected Software: 1

NVD
added 2022/09/06 2:15 a.m. · 21 views

CVE-2022-34747

A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet...

CVSS 9.8 · EPSS 0.01532
Exploits: 0 · References: 1

Prion
added 2022/09/06 2:15 a.m. · 25 views

Format string

A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet...

CVSS 7.5 · AI score 9.3 · EPSS 0.01532
Exploits: 0 · References: 1 · Affected Software: 1

CVE
added 2022/09/06 1:20 a.m. · 103 views

CVE-2022-34747

The CVE-2022-34747 entry applies to Zyxel NAS326, NAS540, and NAS542 devices with firmware versions prior to V5.21(AAZF.12)C0. The root cause is a format-string vulnerability in UDP packet handling that could allow an attacker to achieve unauthorized remote code execution. Affected models include...

CVSS 9.8 · AI score 8.2 · EPSS 0.01532
Exploits: 0 · References: 1 · Affected Software: 1

Cvelist
added 2022/09/06 1:20 a.m. · 41 views

CVE-2022-34747

A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet...

CVSS 9.8 · AI score 9.6 · EPSS 0.01532
Exploits: 0 · References: 1

Positive Technologies
added 2022/09/05 12:0 a.m. · 4 views

PT-2022-4660 · Zyxel · Zyxel Nas326 +2

Name of the Vulnerable Software and Affected Versions: Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0; Zyxel NAS540 firmware versions prior to V5.21(AAZF.12)C0; Zyxel NAS542 firmware versions prior to V5.21(AAZF.12)C0. Description: A format string vulnerability could allow an attacker to achieve...

CVSS 9.8 · AI score 9.6 · EPSS 0.01532
Exploits: 0 · References: 8

RedHat Linux
added 2022/09/01 2:21 p.m. · 0 views

mariadb: lack of proper validation of a user-supplied string before using it as a format specifier

MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...

CVSS 7.8 · AI score 7.7 · EPSS 0.00615
Exploits: 0 · References: 4

OpenVAS
added 2022/08/26 12:0 a.m. · 25 views

Ubuntu: Security Advisory (USN-90-1)

The remote host is missing an update for the...

CVSS 7.5 · AI score 6.5 · EPSS 0.04219
Exploits: 0 · References: 2

OpenVAS
added 2022/08/26 12:0 a.m. · 13 views

Ubuntu: Security Advisory (USN-396-1)

The remote host is missing an update for the...

CVSS 4.3 · AI score 6.8 · EPSS 0.00397
Exploits: 0 · References: 2

OpenVAS
added 2022/08/26 12:0 a.m. · 27 views

Ubuntu: Security Advisory (USN-321-1)

The remote host is missing an update for the...

CVSS 4 · AI score 6.6 · EPSS 0.26815
Exploits: 0 · References: 2

OpenVAS
added 2022/08/18 12:0 a.m. · 8 views

Huawei EulerOS: Security Advisory for libinput (EulerOS-SA-2022-2258)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.8 · AI score 7.8 · EPSS 0.00364
Exploits: 0 · References: 2

OpenVAS
added 2022/08/18 12:0 a.m. · 16 views

Huawei EulerOS: Security Advisory for tcl (EulerOS-SA-2022-2281)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.8 · AI score 7.6 · EPSS 0.01639
Exploits: 1 · References: 2