EUVD-2025-204670

A vulnerability has been found in Tenda FH1201 1.2.0.14408. Affected is the function sprintf of the file /goform/SetIpBind. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be...

AZL-72697 CVE-2025-68114 affecting package capstone 4.0.2-4

Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a malicious csoptmem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Commit...

CVE-2025-68118

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.0, a vulnerability exists in FreeRDP’s certificate handling code on Windows platforms. The function freerdpcertificatedatahash uses the Microsoft-specific snprintf function to format certificate cache filenames...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that using snprintf may result in a buffer overflow, and that scnprintf should be used instead...

SUSE CVE-2024-38576

In the Linux kernel, the following vulnerability has been resolved: rcu: Fix buffer overflow in printcpustallinfo The rcuc-starvation output from printcpustallinfo might overflow the buffer if there is a huge difference in jiffies difference. The situation might seem improbable, but computers...

The vulnerability of the formatting function of the SQL parser for Python, Sqlparse, allows a hacker to cause a service failure.

The vulnerability of the formatting function of the SQL parser for Python Sqlparse is related to the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability allows an attacker to cause service failures remotely...

EyouCMS 跨站请求伪造漏洞

Zanzan Network Technology EyouCms Eyou CMS is an open source content management system CMS based on ThinkPHP by China Zanzan Network Technology. A security vulnerability exists in EyouCMS v1.6.2, which originated from allowing an attacker to execute arbitrary commands by uploading a carefully...

MGASA-2019-0353 Updated icu packages fix security vulnerability

The updated packages fix a security vulnerability: International Components for Unicode ICU for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString in i18n/numberdecimalquantity.cpp. CVE-2018-18928...

Apache HTTP Server Format String Remote Code Execution

A remote code execution vulnerability has been reported in Apache HTTP servers. The vulnerability is due to the failure of the application in verifying string arguments that are passed to a formatting function. A remote attacker can exploit this vulnerability to inject and execute arbitrary code...

python: Potential integer underflow and overflow in the PyOS_vsnprintf C API function

Multiple integer overflows in the PyOSvsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service memory corruption or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of...