8509 matches found
CVE-2011-1588
Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error...
CVE-2011-1588
Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error...
Format string
Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error...
CVE-2011-1588
CVE-2011-1588 affects Thunar up to version 1.3.1, where a crash can occur when copying and pasting a file name containing % format characters due to a format string error. The root cause is a faulty format string handling in the relevant code path. The connected advisories indicate a fix in the O...
CVE-2011-1588
Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error...
Cisco Ios Use of Externally-Controlled Format String
Format String vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code with elevated privileges o...
Xen Project VCPUOP_initialise DoS (XSA-296)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service vulnerability due to poor handling of an invalid format string in 'hypercallcreatecontinuation'. This function can be reached via a long-running 'VCPUOPinitialise'...
EulerOS 2.0 SP5 : udisks2 (EulerOS-SA-2019-2193)
According to the version of the udisks2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - UDisks 2.8.0 has a format string vulnerability in udiskslog in udiskslogging.c, allowing attackers to obtain sensitive information stack contents,...
ALPINE-CVE-2019-18420
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOPinitialise hypercall. hypercallcreatecontinuation is a variadic function which uses a printf-like format string to interpret its parameters. Error handling for a bad format...
VCPUOP_initialise DoS
ISSUE DESCRIPTION hypercallcreatecontinuation is a variadic function which uses a printf-like format string to interpret its parameters. Error handling for a bad format character was done using BUG, which crashes Xen. One path, via the VCPUOPinitialise hypercall, has a bad format character. The B...
NewStart CGSL CORE 5.04 / MAIN 5.04 : udisks2 Vulnerability (NS-SA-2019-0201)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has udisks2 packages installed that are affected by a vulnerability: - UDisks 2.8.0 has a format string vulnerability in udiskslog in udiskslogging.c, allowing attackers to obtain sensitive information stack contents, cause a...
CVE-2018-14661
It was found that usage of snprintf function in feature/locks translator of glusterfs server was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service...
CVE-2008-1333
Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 might allow remote attackers to execute arbitrary code via logging messages that are not properly handled by 1 the astverbose logging API call, or 2 the astmanappend function...
CVE-2008-5660
Format string vulnerability in the vinagreutilsshowerror function src/vinagre-utils.c in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response...
Format string
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...
CVE-2019-13318
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...
Amazon Linux 2 : ncurses (ALAS-2019-1302)
In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the appendacs function of tinfo/parseentry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data. CVE-2017-11112 In ncurses 6.0, there is a NULL pointer...
CVE-2019-6840
A Format String: CWE-134 vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could allow an attacker to send a crafted messa...
CVE-2019-6840
A Format String: CWE-134 vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could allow an attacker to send a crafted messa...
CVE-2019-6840
A Format String: CWE-134 vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could allow an attacker to send a crafted messa...