CVE-2023-27853
NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device...
CVE-2023-27853
NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 has a format string vulnerability in its SOAP service that could allow arbitrary code execution. Root cause: uncontrolled format strings in SOAP. Affected versions: before 1.0.10.94. Impact: remote code execution on the device. Remediation: updat...
Debian: Security Advisory (DSA-841-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DLA-105-1)
The remote host is missing an update for the Debian...
PT-2023-2030 · NetGear · Netgear Nighthawk Wifi6 Router
Name of the Vulnerable Software and Affected Versions: NETGEAR Nighthawk WiFi6 Router versions prior to V1.0.10.94 Description: The issue is related to a format string vulnerability in a SOAP service of the NETGEAR Nighthawk WiFi6 Router. This vulnerability could allow an attacker to execute...
CVE-2015-10088
A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function http_connect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The...
Format string
A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function http_connect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The...
UBUNTU-CVE-2015-10088
A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function http_connect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The...
CVE-2015-10088 ayttm proxy.c http_connect format string
A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function http_connect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The...
CVE-2015-10088
CVE-2015-10088 affects ayttm up to 0.5.0.89, specifically the http_connect function in libproxy/proxy.c, where a format string vulnerability exists. The issue can be exploited remotely and is described as high severity with complex exploitability. A patch is available (hash: 40e04680018614a7d2b685...
PT-2023-10267 · Ayttm · Ayttm
Name of the Vulnerable Software and Affected Versions: ayttm versions up to 0.5.0.89 Description: A critical vulnerability was found in ayttm, affecting the function http_connect in the library libproxy/proxy.c. The manipulation leads to a format string issue, which can be initiated remotely. The...
K15903: Multiple PHP vulnerabilities
Security Advisory Description CVE-2012-3365 The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors. CVE-2012-2329 Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4...
K5794: Security Advisory: Perl integer sign error in format string processing - CVE-2005-3962
Security Advisory Description Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about F5 Networks' security policy regarding evaluating older and unsupported versions of F5 Networks products, refer to K4602:...
K5534: Apache mod_proxy message format vulnerability CAN-2004-0700
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K51484039: PHP 'snmp.c' remote format string vulnerability CVE-2016-4071
Security Advisory Description Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call. CVE-2016-4071 Impact There...
CVE-2023-23783
A use of externally-controlled format string in Fortinet FortiWeb version 7.0.0 through 7.0.1, FortiWeb 6.4 all versions allows an attacker to execute unauthorized code or commands via specially crafted command arguments...
CVE-2023-23783
CVE-2023-23783 relates to Fortinet FortiWeb, where a vulnerability stems from an externally-controlled format string in the command line interface. Affected products include FortiWeb 7.0.0–7.0.1 and FortiWeb 6.4 (all versions). The root cause is improper handling of format strings, which could al...
FortiWeb - format string vulnerability in the CLI
A format string vulnerability (CWE-134) in the command line interpreter of FortiWeb may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments...