85 matches found
CVE-2017-6680
A vulnerability in the AutoVNF logging function of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to create arbitrary directories on the affected system. More Information: CSCvc76652. Known Affected Releases: 21.0.0...
Design/Logic Flaw
A vulnerability in the AutoVNF logging function of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to create arbitrary directories on the affected system. More Information: CSCvc76652. Known Affected Releases: 21.0.0...
CVE-2017-6694
CVE-2017-6694 affects Cisco Ultra Services Platform's Virtual Network Function Manager (VNFM) logging function. A vulnerability allows an authenticated, local attacker to view sensitive data (cleartext credentials) on an affected system, via the VNFM logging interface. Affected release: 21.0.v0.6...
Critical MySQL Vulnerability Disclosed
A researcher has published details and a limited proof-of-concept exploit for a critical vulnerability in MySQL that has been patched by some vendors, but not yet by Oracle. The vulnerability allows an attacker to remotely or locally exploit a vulnerable MySQL database and execute arbitrary code,...
BitDefender Antivirus Logging Function Format String - Ver2 (CVE-2005-3154)
The SOFTWIN BitDefender Antivirus AV product is an anti-virus scanner capable of on-demand as well as email scanning operations. The AV scanner logs by default all results of scans that it performs on the host machine. The logs include positive as well as negative virus pattern matches. There exists...
Epic Games Unreal Engine Logging Function - Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25374/info The Unreal Engine is prone to a remote denial-of-service vulnerability because the application fails to properly bounds-check user-supplied input. Successfully exploiting this issue allows remote attackers to...
Apache HTTP Server auth_ldap Logging Function Format String (CVE-2005-3656; CVE-2006-0150)
There exists a format string vulnerability in the auth_ldap module used with Apache HTTP server. The vulnerability is a result of the failure to properly verify string arguments passed to a logging function, resulting in a memory corruption condition. A remote attacker can exploit this vulnerabili...
MIT Kerberos V5 KAdminD klog_vsyslog Server Stack Buffer Overflow (CVE-2007-0957)
Kerberos is a protocol suite which allows for the negotiation of authenticated, and optionally encrypted, communication between two points on a network. MIT Kerberos V5 is an implementation of this protocol suite. There exists a buffer overflow vulnerability in MIT Kerberos. The vulnerability is...
IBM solidDB Logging Function Format String (CVE-2008-1705)
IBM solidDB is a relational database management system offered by Solid, an IBM Company. solidDB includes an in-memory database as well as a traditional database, which both employ the same SQL interface, and a high availability option. There exists a Format String vulnerability in the IBM solidD...
CVE-2008-1107
Multiple stack-based buffer overflows in the Danske Bank e-Sec Control Module ActiveX control DanskeSikker.ocx 3.1.0.48, and possibly earlier versions, allow remote attackers to execute arbitrary code via long arguments to unspecified methods, which are not properly handled by a logging function...
Stack overflow
Multiple stack-based buffer overflows in the Danske Bank e-Sec Control Module ActiveX control DanskeSikker.ocx 3.1.0.48, and possibly earlier versions, allow remote attackers to execute arbitrary code via long arguments to unspecified methods, which are not properly handled by a logging function...
Danske Bank Danske e-Sec ActiveX buffer overflow
Buffer overflow in logging function...
CVE-2008-1107
Multiple stack-based buffer overflows in the Danske Bank e-Sec Control Module ActiveX control DanskeSikker.ocx 3.1.0.48, and possibly earlier versions, allow remote attackers to execute arbitrary code via long arguments to unspecified methods, which are not properly handled by a logging function...
CVE-2008-1705
Format string vulnerability in the logging function in IBM solidDB 06.00.1018 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) user name, (2) peer name, and possibly unspecified other fields...
Format string
Format string vulnerability in the logging function in IBM solidDB 06.00.1018 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) user name, (2) peer name, and possibly unspecified other fields...
IBM solidDB 6.0.10 - Format String Denial of Service
IBM solidDB 6.0.10 - Format String Denial of Service source: https://www.securityfocus.com/bid/28468/info IBM solidDB is prone to a format-string vulnerability affecting the logging function and three denial-of-service vulnerabilities. Attackers can exploit these issues to execute arbitrary code ...
IBM solidDB 6.0.10 - Format String / Denial of Service
source: https://www.securityfocus.com/bid/28468/info IBM solidDB is prone to a format-string vulnerability affecting the logging function and three denial-of-service vulnerabilities. Attackers can exploit these issues to execute arbitrary code or to deny service to legitimate users. solidDB...
Format string
Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in ...
CVE-2008-0945
Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in ...
Format string
Format string vulnerability in the logging function in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier for Windows might allow remote attackers to execute arbitrary code via format string specifiers in a USEP command on TCP port 3114...