EUVD-2026-16532

A security vulnerability has been detected in Shenzhen Ruiming Technology Streamax Crocus bis 1.3.44. Affected is an unknown function of the file /RemoteFormat.do of the component Endpoint. Such manipulation of the argument State leads to sql injection. It is possible to launch the attack remotel...

CVE-2026-4910

A security vulnerability has been detected in Shenzhen Ruiming Technology Streamax Crocus up to 1.3.44. Affected is an unknown function of the file /RemoteFormat.do of the component Endpoint. Such manipulation of the argument State leads to sql injection. It is possible to launch the attack...

Shenzhen Ruiming Streamax Crocus 安全漏洞

Shenzhen Ruiming Streamax Crocus is a vehicle monitoring device developed by Shenzhen Ruiming. Versions of Shenzhen Ruiming Streamax Crocus prior to 1.3.44 contained a security vulnerability. This vulnerability stemmed from improper handling of the State parameter in the file/RemoteFormat.do, whi...

Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50400)

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...

EUVD-2023-52297

Malicious code in bioql PyPI...

ComSndFTP Server 1.3.7 Beta Denial Of Service

!/usr/bin/perl ComSndFTP Server Remote Format String Denial of Service DoS use strict; use warnings; use IO::Socket; $| = 1; my $host = "192.168.172.136"; my $port = "21""; my $payload = '%s%p%x%d'; print "Connecting... "; my $sock = IO::Socket::INET-new PeerAddr = $host, PeerPort = $port, Proto ...

CVE-2023-48221 wire-avs remote format string vulnerability

wire-avs provides Audio, Visual, and Signaling AVS functionality sure the secure messaging software Wire. Prior to versions 9.2.22 and 9.3.5, a remote format string vulnerability could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. The issue has bee...

CVE-2023-48221 wire-avs remote format string vulnerability

wire-avs provides Audio, Visual, and Signaling AVS functionality sure the secure messaging software Wire. Prior to versions 9.2.22 and 9.3.5, a remote format string vulnerability could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. The issue has bee...

PT-2023-30738 · Wire-Avs · Wire-Avs

Name of the Vulnerable Software and Affected Versions: wire-avs versions prior to 9.2.22 wire-avs versions prior to 9.3.5 Description: A remote format string issue could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. Recommendations: For versions...

GHSA-2J6V-XPF3-XVRV Use of Externally-Controlled Format String in wire-avs

Impact A remote format string vulnerability allowed an attacker to cause a denial of service or possibly execute arbitrary code. Patches The issue has been fixed in wire-avs 7.1.12 and is already included on all Wire products currently used version is 8.0.x Workarounds No workaround known...

Multiple Dell iDRAC Product Remote Format String Vulnerabilities

The Dell iDRAC7 and iDRAC8 are both remote access control cards from Dell USA. A remote format string vulnerability exists in multiple Dell iDRAC products. A remote attacker could exploit this vulnerability to execute arbitrary code in the context of an application or cause a denial of service...

Axis Communications MPQTPACS 5.20.x - Server-Side Include Daemon Remote Format String

Axis Communications MPQTPACS 5.20.x - Server-Side Include Daemon Remote Format String !/usr/bin/env python2.7 SOF Remote Format String Exploit Axis Communications MPQT/PACS Server Side Include SSI Daemon Research and development by bashis 2016 This format string vulnerability has following...

PHP Remote Formatting String Vulnerability

PHP is an open source general-purpose computer scripting language. A remote format string vulnerability exists in PHP that can be exploited by a remote attacker to crash an application or execute arbitrary code by submitting a special request. A remote attacker could exploit the vulnerability to...

NSI Rwhoisd 1.5 - Remote Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3474/info Rwhoisd is a publicly available RWHOIS server daemon for Unix based systems developed and maintained by Network Solutions Inc. Rwhoisd contains a remotely exploitable format string vulnerability. It is possible ...

Alt-N MDaemon 8.1.1 IMAP Server Remote Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16854/info Alt-N MDaemon IMAP Server is affected by a remote format-string vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input before using it in the format-specifier...

SonicWALL Global VPN Client 4.0.782 Remote Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26689/info SonicWALL Global VPN Client is prone to a remote format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function...

PHP 3.0.16/4.0.2 - Remote Format Overflow Exploit

No description provided by source. / PHP 3.0.16/4.0.2 remote format overflow exploit. Copyright c 2000 Field Marshal Count August Anton Wilhelm Neithardt von Gneisenau [email protected] my regards to sheib and darkx All rights reserved Pascal Boucheraine's paper was enlightening THERE IS NO...

Vinagre < 2.24.2 show_error() Remote Format String PoC

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Vinagre showerror format string vulnerability 1. Advisory Information Title: Vinagre showerror format string vulnerability Advisory...

WarFTP Daemon 1.82 RC 11 Remote Format String Vulnerability

No description provided by source. Exploit Title: War FTP Daemon Remote Format String Vulnerability crash: http://img826.imageshack.us/img826/6222/69004160.png Date: 2012-08-30 Author: coolkaveh [email protected] https://twitter.com/coolkaveh Vendor Homepage: http://www.warftp.org Version:...

Perdition 1.17 IMAPD __STR_VWRITE Remote Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26270/info Perdition IMAP proxy server is prone to a remote format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function...