The vulnerability of the yajl_string_decode function in the yajl_encode.c component of the YAJL-ruby library allows a attacker to cause a service failure.

The vulnerability of the yajlstringdecode function in the yajlencode.c component of the YAJL-ruby library is related to insufficient processing of the format string. Exploiting this vulnerability could allow a malicious actor to cause a service failure by using a specially created JSON file...

The vulnerability of the STST TA component in Samsung Teegris’ Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the STST TA component in Samsung Teegris’ Android operating system security system is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

mariadb: lack of proper validation of a user-supplied string before using it as a format specifier

MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...

Rocky Linux 8 : libinput (RLSA-2022:5331)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:5331 advisory. - A format string vulnerability was found in libinput CVE-2022-1215 Note that Nessus has not tested for this issue but has instead relied only on the application...

RockyLinux 8 : mariadb:10.5 (RLSA-2022:5826)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5826 advisory. mariadb: MariaDB through 10.5.9 allows attackers to trigger a convertconsttoint use-after-free when the BIGINT data type is used CVE-2021-46669 mariadb:...

GLSA-202310-14 : libinput: format string vulnerability when using xf86-input-libinput

The remote host is affected by the vulnerability described in GLSA-202310-14 libinput: format string vulnerability when using xf86-input-libinput - A format string vulnerability was found in libinput CVE-2022-1215 Note that Nessus has not tested for this issue but has instead relied only on the...

libinput: format string vulnerability when using xf86-input-libinput

Background A library to handle input devices in Wayland and, via xf86-input-libinput, in X.org. Description An attacker may be able to run malicious code by exploiting a format string vulnerability. Please review the CVE identifier referenced below for details. Impact When a device is detected by...

CVE-2023-5746

A vulnerability regarding use of externally-controlled format string is found in the cgi component. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.5-0185 may be affected: BC500 and TC500...

Format string

A vulnerability regarding use of externally-controlled format string is found in the cgi component. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.5-0185 may be affected: BC500 and TC500...

CVE-2023-5746

A vulnerability regarding use of externally-controlled format string is found in the cgi component. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.5-0185 may be affected: BC500 and TC500...

CVE-2022-26941

A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution inside the tedsapp...

Format string

A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution inside the tedsapp...

CVE-2022-26941

CVE-2022-26941 affects Motorola MTM5000 series firmware; the AT+CTGL command handler contains a format-string vulnerability where an attacker-controlled string can be misinterpreted, enabling a write-anything-anywhere condition and arbitrary code execution inside the teds_app binary that runs wit...

CVE-2022-26941 Format string vulnerability in AT+CTGL command in Motorola MTM5000

A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution inside the tedsapp...

CVE-2022-26941 Format string vulnerability in AT+CTGL command in Motorola MTM5000

A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution inside the tedsapp...

Motorola MTM5000 Formatting String Error Vulnerability

The Motorola MTM5000 is a mobile radio from Motorola, USA. A security vulnerability exists in the Motorola MTM5000 that stems from a format string vulnerability in the AT+CTGL command in the command handler, which results in a write-anywhere scenario that can be exploited to obtain arbitrary code...

The vulnerability of the Advanced Open VPN function in the microprogramming software for Wi-Fi routers from ASUS, RT-AX88U, allows a intruder to gain unauthorized access to protected information and execute arbitrary code.

The vulnerability of the Advanced Open VPN function in the microprogramming software for Wi-Fi routers from ASUS, the RT-AX88U, is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected...

Format string

ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity...

CVE-2023-41349 ASUS RT-AX88U - externally-controlled format string

ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity...

CVE-2023-41349 ASUS RT-AX88U - externally-controlled format string

ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity...