8509 matches found
CVE-2018-10388
Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet...
Format string
Format string vulnerability in the logMess function in TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet...
Format string
Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet...
CVE-2018-10389
Format string vulnerability in the logMess function in TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet...
CVE-2018-10389
CVE-2018-10389 affects the TFTP server MT up to version 1.65 and earlier. The vulnerability is a format-string issue in the logMess function, allowing remote attackers to cause a denial of service or potentially execute arbitrary code via crafted format strings in a TFTP error packet. Multiple so...
CVE-2018-10388
CVE-2018-10388 affects TFTP Server SP (versions 1.66 and earlier). The vulnerability is a format string issue in the logMess function, enabling remote attackers to cause denial of service or execute arbitrary code via format string sequences in a TFTP error packet. The available connected sources...
CVE-2018-10388
Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet...
Amazon Linux 2 : udisks2 (ALAS-2019-1377)
UDisks 2.8.0 has a format string vulnerability in udiskslog in udiskslogging.c, allowing attackers to obtain sensitive information stack contents, cause a denial of service memory corruption, or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n...
EulerOS 2.0 SP3 : graphviz (EulerOS-SA-2019-2592)
According to the version of the graphviz packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via forma...
CVE-2019-11287
A resource-consumption flaw was identified in the rabbitmq-server web management plugin. Utilizing a malicious 'X-Reason' HTTP header, a remote attacker could insert a malicious Erlang format string which will expand and consume heap memory, resulting in a crash. The highest threat from this...
Medium: udisks2
Issue Overview: UDisks 2.8.0 has a format string vulnerability in udiskslog in udiskslogging.c, allowing attackers to obtain sensitive information stack contents, cause a denial of service memory corruption, or possibly have unspecified other impact via a malformed filesystem label, as demonstrat...
EulerOS 2.0 SP2 : ncurses (EulerOS-SA-2019-2420)
According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a heap-based buffer over-read in the ncfindentry function in tinfo/comphash.c in the terminfo library in ncurses before...
EulerOS 2.0 SP2 : graphviz (EulerOS-SA-2019-2355)
According to the version of the graphviz packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via forma...
libpoe-component-irc-perl Formatting String Error Vulnerability
libpoe-component-irc-perl is an event-driven Perl IRC client module. A format string error vulnerability exists in versions of libpoe-component-irc-perl prior to 6.32, which can be exploited to execute arbitrary commands on a system by sending specially crafted IRC commands...
CVE-2019-11287
Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be...
CVE-2012-0824
gnusound 0.7.5 has format string issue...
CVE-2012-0824
gnusound 0.7.5 has format string issue...
Format string
gnusound 0.7.5 has format string issue...
CVE-2012-0824
gnusound 0.7.5 has format string issue...
CVE-2012-0824
CVE-2012-0824 affects gnusound 0.7.5 with a format string issue (root cause: improper format string handling). Public data in the initial doc shows CVSS metrics: CVSS v2 base 7.5 (HIGH) and CVSS v3.1 base 9.8 (CRITICAL). No explicit exploitation details or affected versions beyond 0.7.5 are provi...