348 matches found
CVE-2023-25139
A vulnerability was found in glibc. When the printf family of functions is called with a format specifier that uses an apostrophe enable grouping and a minimum width specifier, the resulting output could be larger than reasonably expected by a caller that computed a tight bound on the buffer size...
PT-2023-1016 · Vim +8 · Vim +8
Name of the Vulnerable Software and Affected Versions: Vim versions prior to 9.0.1144 Description: The issue is related to a heap-based buffer overflow in the msg puts printf function of the Vim text editor, which can be exploited to execute arbitrary code on the target system. This is a result o...
22-Year-Old Vulnerability Reported in Widely Used SQLite Database Library
A high-severity vulnerability has been disclosed in the SQLite database library, which was introduced as part of a code change dating all the way back to October 2000 and could enable attackers to crash or control programs. Tracked as CVE-2022-35737 CVSS score: 7.5, the 22-year-old issue affects...
curl security update
7.61.1-22.el86.3 - fix too eager reuse of TLS and SSH connections CVE-2022-27782 7.61.1-22.el86.2 - fix invalid type in printf argument detected by Coverity 7.61.1-22.el86.1 - fix credential leak on redirect CVE-2022-27774 - fix auth/cookie leak on redirect CVE-2022-27776 - fix OAUTH2 bearer bypa...
Linux/x86_64 - sudo enumeration Shellcode (245 bytes)
sudo vulnerability enumeration shellcode / sudo vulnerability enumeration shellcode xordynamic - Linux/x8664 Author : Kağan Çapar contact: email protected shellcode len : 245 bytes compilation: gcc -fno-stack-protector -z execstack .c -o "disasssemble only main." 0000000000001179 : 1179: 55 push...
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2022-1122)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
in clasp-developers/clasp
Description Clasp uses printf to log errors and useful information, in one instance of this logging - the printf call specifies format operators but lacks the appropriate arguments - leading to unrelated bytes being included in the output. Impact This vulnerability is capable of allowing an...
Binaryen Stack Buffer Overflow Vulnerability
Binaryen is a compiler infrastructure and toolchain library for WebAssembly written in C++. Binaryen has a stack buffer overflow vulnerability in version 103, which originates when the software printf public function performs an operation in memory, and can be exploited by an attacker to cause...
DEBIAN-CVE-2021-46050
A Stack Overflow vulnerability exists in Binaryen 103 via the printfcommon function...
UBUNTU-CVE-2021-46050
A Stack Overflow vulnerability exists in Binaryen 103 via the printfcommon function...
Binaryen 缓冲区错误漏洞
Binaryen is a compiler infrastructure and toolchain library for WebAssembly written in C++. Binaryen has a stack buffer overflow vulnerability in version 103, which originates when the software printf public function performs an operation in memory, and can be exploited by an attacker to cause...
PT-2022-12531 · Binaryen +1 · Binaryen +1
Name of the Vulnerable Software and Affected Versions: Binaryen version 103 Description: A Stack Overflow issue exists via the printf common function. This allows for a potential overflow, which could be exploited. Recommendations: For Binaryen version 103, consider disabling the printf common...
PT-2022-5232
Name of the Vulnerable Software and Affected Versions SQLite versions 1.0.12 through 3.39.x before 3.39.2 Description The issue is related to an array-bounds overflow in the SQLite API library, which can be triggered by a remote attacker using a long sequence of string data processed by the print...
glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern
A stack buffer overflow flaw was found in glibc in the way the printf family of functions processed an 80-bit long double with a non-canonical bit pattern. This flaw allows an attacker who can control the arguments of these functions with the non-standard long double pattern to trigger an overflo...
Moderate: Red Hat Security Advisory: glibc security and bug fix update
An update for glibc is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact...
CVE-2021-33886
An improper sanitization of input vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to gain user-level command-line access by passing a raw external string straight through to printf statements. The attacker is required to be on the same network as t...
B. Braun SpaceCom2 格式化字符串错误漏洞
B. Braun SpaceCom2, a hardware device from B. Braun, is used to connect to an external device to record data in a patient data management system, PC, or USB memory stick. A remote, unauthenticated attacker could use this vulnerability to gain user-level command-line access by passing a raw extern...
CVE-2021-0646
In sqlite3strvappendf of sqlite3.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process's SQL with no additional execution privileges needed. User interaction is n...
CVE-2021-0646
In sqlite3strvappendf of sqlite3.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process's SQL with no additional execution privileges needed. User interaction is n...
RHEL 7 : glibc (RHSA-2021:2998)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2998 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name...