CVE-2026-6643

A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf and passing user-controlled data directly to printf. Due to the lack of PIE and Stack Canary protections, an authenticated remote attacker can exploit these to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004329)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004329 advisory. In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. This could lead to local information disclosure with...

BIT-SQLITE-2020-13434

SQLite through 3.32.0 has an integer overflow in sqlite3strvappendf in printf.c...

B. Braun SpaceCom2 格式化字符串错误漏洞

B. Braun SpaceCom2, a hardware device from B. Braun, is used to connect to an external device to record data in a patient data management system, PC, or USB memory stick. A remote, unauthenticated attacker could use this vulnerability to gain user-level command-line access by passing a raw extern...

1ib (>=1.0.9 <=1.0.11), 4front-cli (>=0.0.1 <=0.0.20) +375 more potentially affected by CVE-2021-23354 via printf (>=0.0.4 <=0.6.0)

printf NPM version =0.0.4, =1.0.9, =0.0.1, =1.0.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.5, =1.3.0, =1.2.26, =1.2.31, =7.54.0 and more Source cves: CVE-2021-23354 Source advisory: OSV:GHSA-XFHP-GMH8-R8V2...

1ib (>=1.0.9 <=1.0.11), 4front-cli (>=0.0.1 <=0.0.20) +375 more potentially affected by CVE-2021-23354 via printf (>=0.0.4 <=0.6.0)

printf NPM version =0.0.4, =1.0.9, =0.0.1, =1.0.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.5, =1.3.0, =1.2.26, =1.2.31, =7.54.0 and more Source cves: CVE-2021-23354 Source advisory: SNYK:JS-PRINTF-1072096...

Apple iOS SQLite Buffer Overflow Vulnerability

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. Multiple buffer overflows in the printf implementation of Apple iOS SQLite allow attackers to exploit vulnerabilities to conduct denial of service attacks or execute arbitrary code...

array index error in dtoa implementation of many products

Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...

w3m: Format string vulnerability

Background w3m is a multi-platform text-based web browser. Description w3m in -dump or -backend mode does not correctly handle printf format string specifiers in the Common Name CN field of an X.509 SSL certificate. Impact An attacker could entice a user to visit a malicious website that would lo...

ANDR : Format String Vulnerability

Format string vulnerability Andrey Kolischak March, 2001 [email protected] Format string vulnerability It is no secret that most of the software, in addition to specific vulnerabilities, contains “holes” associated with an incorrect programming style. If some of these holes, such as buffer overflows,...