8509 matches found
Arbitrary Code Execution
php is vulnerable to arbitrary code execution. If the odbcresultall function was used to display data from a database, and the database table contents were under an attacker's control, a format string vulnerability was possible which could allow arbitrary code execution...
CVE-2020-1992
A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card LFC allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS...
CVE-2020-1992
A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card LFC allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS...
Format string
A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card LFC allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS...
CVE-2020-1992 PAN-OS on PA-7000 Series: Varrcvr daemon network-based denial of service or privilege escalation
A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card LFC allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS...
PAN-OS on PA-7000 Series: Varrcvr daemon network-based denial of service or privilege escalation
A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card LFC allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS...
Palo Alto Networks PAN-OS 8.1.x < 8.1.13 Privilege Escalation (PAN-97584)
The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.13. It is, therefore, affected by a format string vulnerability in the PAN-OS log daemon logd on Panorama due to improper handling of user-supplied input. An authenticated, local attacker can exploit this, b...
CVE-2020-1979
A format string vulnerability in the PAN-OS log daemon logd on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affect...
Format string
A format string vulnerability in the PAN-OS log daemon logd on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affect...
CVE-2020-1979
The CVE-2020-1979 entry describes a format-string vulnerability in Palo Alto Networks PAN-OS log daemon (logd) on Panorama. Affected are PAN-OS 8.1.x versions before 8.1.13; PAN-OS 7.1, 9.0, and later are not affected. An authenticated, local attacker with access to Panorama management interfaces...
PAN-OS: A format string vulnerability in PAN-OS log daemon (logd) on Panorama allows local privilege escalation
A format string vulnerability in the PAN-OS log daemon logd on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affect...
The vulnerability of the Cisco Discovery protocol implementation in the Cisco IOS XR operating system allows a perpetrator to execute arbitrary code or trigger a reboot of the vulnerable device.
The vulnerability of the Cisco Discovery protocol implementation in the Cisco IOS XR operating system is related to the use of uncontrolled format strings. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or trigger a restart of the vulnerable device remotely...
Debian: Security Advisory (DLA-2131-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2131-1] rrdtool security update
Package : rrdtool Version : 1.4.8-1.2+deb8u1 CVE ID : CVE-2014-6262 Multiple format string vulnerabilities in RRDtool, as used in Zenoss Core before 4.2.5 and other products, allow remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted third argume...
CVE-2019-5143
An exploitable format string vulnerability exists in the iwconsole coniowritestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands whil...
CVE-2019-5143
An exploitable format string vulnerability exists in the iwconsole coniowritestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands whil...
Format string
An exploitable format string vulnerability exists in the iwconsole coniowritestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands whil...
CVE-2019-5143
The CVE-2019-5143 issue affects Moxa AWK-3131A firmware v1.13. It is a classic buffer overflow (CWE-120) in iw_console conio_writestr that occurs when a time-server entry is crafted; this can overflow the time server buffer and enable remote code execution. Exploitation requires authentication as...
CVE-2019-5143
An exploitable format string vulnerability exists in the iwconsole coniowritestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands whil...
Moxa AWK-3131A iw_console conio_writestr Remote Code Execution Vulnerability
Summary An exploitable format string vulnerability exists in the iwconsole coniowritestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send...