348 matches found
ALPINE-CVE-2020-13434
SQLite through 3.32.0 has an integer overflow in sqlite3strvappendf in printf.c...
CVE-2020-13434
SQLite through 3.32.0 has an integer overflow in sqlite3strvappendf in printf.c...
Arbitrary Code Execution
glibc is vulnerable to arbitrary code execution. An integer overflow flaw was found in the implementation of the printf functions family. This could allow an attacker to bypass FORTIFYSOURCE protections and execute arbitrary code using a format string flaw in an application, even though these...
CVE-2019-9444
In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation...
Stack overflow
Stack-based buffer overflow in the printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on a Windows system, allows remote authenticated users to cause a denial of service crash and possibly...
CVE-2015-0242
CVE-2015-0242 is a PostgreSQL vulnerability affecting Windows builds of PostgreSQL prior to 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1. It causes a stack-based buffer overflow in the printf implementations when handling a floating-point number wit...
DEBIAN-CVE-2019-9444
In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation...
CVE-2019-9444
In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation...
CVE-2019-9444
In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation...
CVE-2019-9444
In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation...
Buffer Overflow
curl is vulnerable to buffer overflow vulnerability. The vulnerability occurs when doing a large floating point output in libcurl's implementation of the printf functions. The application accepts input format strings without doing a necessary input filtering. A remote attacker could send a format...
CVE-2019-7711
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The undocumented shell command "prompt" sets the user controlled shell's prompt value, which is used as a format string input to printf, resulting in an information leak of memory addresses...
ALPINE-CVE-2019-8904
dobidnote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintf and filevprintf...
Denial Of Service (DoS)
php is vulnerable to denial of service DoS attacks. The vulnerability exists through an Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD...
curl: printf floating point buffer overflow
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks...
Microctfs - Small CTF Challenges Running On Docker
Small CTF challenges running on Docker logviewer Build and Start logviewer challenge exposed on port 8000 cd logviewer docker build -t logviewer . docker run -d -p 8000:80 --name logchallenge logviewer Restart logviewer challenge docker rm -f logchallenge && docker run -d -p 8000:80 --name...
DEBIAN-CVE-2016-9586
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks...
Format string
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks...
CVE-2016-9586
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks...
CVE-2016-9586
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks...