CVE-2023-25102

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVE-2023-25120

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVE-2023-25097

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVE-2023-25107

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVE-2023-25116

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVE-2023-25084

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVE-2023-25095

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

Siemens Ruggedcom ROX Integer Overflow or Wraparound (CVE-2021-38185)

GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is...

CVE-2026-22190

The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains an uncontrolled format string vulnerability. The -gp glyph pattern command-line option is used directly as the format string for sprintf with only a single argument supplied. If an attacker provides additional format...

CVE-2026-22189

Panda3D versions up to and including 1.10.16 egg-mkfont contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf call with attacker-controlled input. When constructing glyph filenames, egg-mkfont formats a user-supplied glyph pattern -gp into a fixed-size stack buff...

CVE-2026-22190

Panda3D versions up to and including 1.10.16 egg-mkfont contains an uncontrolled format string vulnerability. The -gp glyph pattern command-line option is used directly as the format string for sprintf with only a single argument supplied. If an attacker provides additional format specifiers,...

CVE-2026-22190 Panda3D <= 1.10.16 egg-mkfont Format String Information Disclosure

The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains an uncontrolled format string vulnerability. The -gp glyph pattern command-line option is used directly as the format string for sprintf with only a single argument supplied. If an attacker provides additional format...

CVE-2026-22190

Summary of CVE-2026-22190 (Panda3D) Affected: Panda3D up to and including 1.10.16, specifically the egg-mkfont utility. Vulnerability: Uncontrolled format string in the -gp (glyph pattern) option. The option is passed directly as the format string to sprintf() with only one argument. If an attack...

CVE-2026-22190 Panda3D <= 1.10.16 egg-mkfont Format String Information Disclosure

The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains an uncontrolled format string vulnerability. The -gp glyph pattern command-line option is used directly as the format string for sprintf with only a single argument supplied. If an attacker provides additional format...

CVE-2026-22189 Panda3D <= 1.10.16 egg-mkfont Stack Buffer Overflow

The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf call with attacker-controlled input. When constructing glyph filenames, egg-mkfont formats a user-supplied glyph pattern -gp into a...

CVE-2026-22189

CVE-2026-22189 affects Panda3D

CVE-2026-22189 Panda3D <= 1.10.16 egg-mkfont Stack Buffer Overflow

The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf call with attacker-controlled input. When constructing glyph filenames, egg-mkfont formats a user-supplied glyph pattern -gp into a...

PT-2026-2163

Name of the Vulnerable Software and Affected Versions Panda3D versions up to and including 1.10.16 Description The software contains a stack-based buffer overflow issue because of the use of an unbounded sprintf call with input controlled by an attacker. When creating glyph filenames, the softwar...

Malware-Analysis-Project-SLMAIL-5.5-BOF-

Malware Analysis Project Introduction to exploit development w...

CVE-2025-67419

A Denial of Service DoS vulnerability in evershop 2.1.0 and prior allows unauthenticated attackers to exhaust the application server's resources via the "GET /images" API. The application fails to limit the height of the use-element shadow tree or the dimensions of pattern tiles during the...