205 matches found
TP-Link Tapo C110 格式化字符串错误漏洞
The TP-Link Tapo C110 is an indoor network camera produced by TP-Link Corporation. The TP-Link Tapo C110 v2 has a vulnerability related to formatted string handling. This vulnerability stems from improper processing of user control inputs in the ONVIF service. It is possible for authenticated...
CVE-2026-24091
Memory corruption while processing fastboot commands with improperly formatted input...
CVE-2026-24091
Memory corruption while processing fastboot commands with improperly formatted input...
CVE-2026-24091
Technical details about CVE-2026-24091 are not publicly available in the provided documents. Monitor for updates and new connected documents for affected products, versions, and fixes.
CVE-2026-24091
Memory corruption while processing fastboot commands with improperly formatted input...
PT-2026-45646
Memory corruption while processing fastboot commands with improperly formatted input...
Netatalk 格式化字符串错误漏洞
Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.0.3 to 4.4.2 of Netatalk contain a vulnerability related to formatted string errors. This vulnerability arises from...
ZTE Cloud PC client uSmartView 格式化字符串错误漏洞
The ZTE Cloud PC client uSmartView is a cloud desktop remote access client software developed by ZTE Corporation. The ZTE Cloud PC client uSmartView has a vulnerability related to formatted strings. This vulnerability may lead to memory corruption and remote denial of service attacks...
Notepad++ 格式化字符串错误漏洞
Notepad++ is an open-source plain-text editor developed by Don Ho of Taiwan, China. Notepad++ has a vulnerability related to formatted string handling, which stems from string injection issues. This vulnerability may allow attackers to obtain memory address information or cause the application to...
CVE-2026-31630
In the Linux kernel, the following vulnerability has been resolved: rxrpc: proc: size address buffers for %pISpc output The AFRXRPC procfs helpers format local and remote socket addresses into fixed 50-byte stack buffers with "%pISpc". That is too small for the longest current-tree IPv6-with-port...
CVE-2026-5450
A flaw was found in glibc GNU C Library. This vulnerability occurs when an application uses the scanf family of functions with a %mc format specifier, which is used for dynamically allocating memory for character input, and provides an explicit width greater than 1024. This specific combination c...
CVE-2025-41011 HTML injection in PHP Point Of Sale
HTML injection vulnerability in PHP Point of Sale v19.4. This vulnerability allows an attacker to render HTML in the victim's browser due to a lack of proper validation of user input by sending a request to '/reports/generate/specificcustomer', ussing 'startdateformatted' y 'enddateformatted'...
CVE-2025-41011
CVE-2025-41011 — HTML injection in PHP Point of Sale v19.4 due to insufficient input validation in the /reports/generate/specific_customer endpoint (parameters: start_date_formatted, end_date_formatted). This allows rendering HTML in the victim’s browser. CVSS 4.0: Attack vector NETWORK; attack c...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013222)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013222 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound Klocwork reports array 'vha-hoststr' of size 16 ma...
CVE-2026-6643
A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf and passing user-controlled data directly to printf. Due to the lack of PIE and Stack Canary protections, an authenticated remote attacker can exploit these to...
CVE-2026-40087
LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates and formatted them without enforcing the same...
Fortinet多款产品 格式化字符串错误漏洞
Fortinet FortiManager is a product of the American company Fortinet. Fortinet FortiManager is a centralized network security management platform. Fortinet FortiAnalyzer is a centralized network security reporting solution. Fortinet FortiManager Cloud is a cloud-based network management software...
CVE-2026-24108
An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of nptr. When this value is passed into the getMibPrefix function and concatenated using sprintf without proper size validation, it could lead to a buffer overflow vulnerabilit...
CVE-2026-24111
CVE-2026-24111 affects the Tenda W20E router (v4.0br_V15.11.0.6). The issue arises when the value of the parameter userInfo is passed to the function addAuthUser and handled by a call to sscanf without proper size validation, which can lead to a buffer overflow . The public descriptions consisten...
CVE-2025-23709
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kiroro Formatted post formatted-post allows Reflected XSS.This issue affects Formatted post: from n/a through = 1.01...