147 matches found
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50400)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
EUVD-2023-52297
Malicious code in bioql PyPI...
ComSndFTP Server 1.3.7 Beta Denial Of Service
!/usr/bin/perl ComSndFTP Server Remote Format String Denial of Service DoS use strict; use warnings; use IO::Socket; $| = 1; my $host = "192.168.172.136"; my $port = "21""; my $payload = '%s%p%x%d'; print "Connecting... "; my $sock = IO::Socket::INET-new PeerAddr = $host, PeerPort = $port, Proto ...
CVE-2023-48221 wire-avs remote format string vulnerability
wire-avs provides Audio, Visual, and Signaling AVS functionality sure the secure messaging software Wire. Prior to versions 9.2.22 and 9.3.5, a remote format string vulnerability could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. The issue has bee...
CVE-2023-48221 wire-avs remote format string vulnerability
wire-avs provides Audio, Visual, and Signaling AVS functionality sure the secure messaging software Wire. Prior to versions 9.2.22 and 9.3.5, a remote format string vulnerability could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. The issue has bee...
PT-2023-30738 · Wire-Avs · Wire-Avs
Name of the Vulnerable Software and Affected Versions: wire-avs versions prior to 9.2.22 wire-avs versions prior to 9.3.5 Description: A remote format string issue could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. Recommendations: For versions...
GHSA-2J6V-XPF3-XVRV Use of Externally-Controlled Format String in wire-avs
Impact A remote format string vulnerability allowed an attacker to cause a denial of service or possibly execute arbitrary code. Patches The issue has been fixed in wire-avs 7.1.12 and is already included on all Wire products currently used version is 8.0.x Workarounds No workaround known...
Axis Communications MPQTPACS 5.20.x - Server-Side Include Daemon Remote Format String
Axis Communications MPQTPACS 5.20.x - Server-Side Include Daemon Remote Format String !/usr/bin/env python2.7 SOF Remote Format String Exploit Axis Communications MPQT/PACS Server Side Include SSI Daemon Research and development by bashis 2016 This format string vulnerability has following...
PHP Remote Formatting String Vulnerability
PHP is an open source general-purpose computer scripting language. A remote format string vulnerability exists in PHP that can be exploited by a remote attacker to crash an application or execute arbitrary code by submitting a special request. A remote attacker could exploit the vulnerability to...
NSI Rwhoisd 1.5 - Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3474/info Rwhoisd is a publicly available RWHOIS server daemon for Unix based systems developed and maintained by Network Solutions Inc. Rwhoisd contains a remotely exploitable format string vulnerability. It is possible ...
SonicWALL Global VPN Client 4.0.782 Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26689/info SonicWALL Global VPN Client is prone to a remote format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function...
Alt-N MDaemon 8.1.1 IMAP Server Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16854/info Alt-N MDaemon IMAP Server is affected by a remote format-string vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input before using it in the format-specifier...
WarFTP Daemon 1.82 RC 11 Remote Format String Vulnerability
No description provided by source. Exploit Title: War FTP Daemon Remote Format String Vulnerability crash: http://img826.imageshack.us/img826/6222/69004160.png Date: 2012-08-30 Author: coolkaveh [email protected] https://twitter.com/coolkaveh Vendor Homepage: http://www.warftp.org Version:...
Vinagre < 2.24.2 show_error() Remote Format String PoC
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Vinagre showerror format string vulnerability 1. Advisory Information Title: Vinagre showerror format string vulnerability Advisory...
SurgeMail and WebMail <= 3.0 - 'Page' Command Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27990/info SurgeMail and WebMail are prone to a remote format-string vulnerability because the applications fail to properly sanitize user-supplied input before including it in the format-specifier argument of a...
Berlios gpsd <= 2.7.x Remote Format String Vulnerability
No description provided by source. / Added , on line 75 /str0ke / / Copyright Johnh and KF 2005 Gpsd remote format string exploit By: Johnhatdigitalmunitiondotcom Bug Found By: kfatdigitalmunitiondotcom http://www.digitalmunition.com/DMA2005-0125a.txt Features: Version ident Debian machines provi...
GNU Mailutils imap4d 0.5 < 0.6.90 Remote Format String Exploit
No description provided by source. / gun-imapd.c gnu mailutils-0.5 - mailutils-0.6.90 remote formatstring exploit written and tested on FC3. this is a first testing version and the onlyone to go public. by [email protected] / include stdio.h include string.h include unistd.h include stdlib.h...
Xine 0.99.4 M3U Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22252/info The 'xine' program is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a...
Epic Games Unreal Tournament Server 436.0 Engine Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9840/info A format string vulnerability has been reported to exists in the Unreal Tournament server engine. This issue is due to a failure of the server application to properly sanitize user supplied network data...
Perdition 1.17 IMAPD __STR_VWRITE Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26270/info Perdition IMAP proxy server is prone to a remote format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function...