Buffer under-read in String#unpack

Stringunpack receives format specifiers as its parameter, and can be specified the position of parsing the data by the specifier @. If a big number is passed with @, the number is treated as the negative value, and out-of-buffer read is occurred. So, if a script accepts an external input as the...

Buffer overflow

logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized...

DEBIAN-CVE-2017-14727

logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized...

UBUNTU-CVE-2017-14727

logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized...

CVE-2017-9212

The Bluetooth stack on the BMW 330i 2011 allows a remote crash of the CD/Multimedia software via %x or %c format string specifiers in a device name...

CVE-2017-9212

The Bluetooth stack on the BMW 330i 2011 allows a remote crash of the CD/Multimedia software via %x or %c format string specifiers in a device name...

CVE-2016-4864

CVE-2016-4864 affects H2O web server: versions 2.0.3 and earlier and 2.1.0-beta2 and earlier are vulnerable to a DoS via format string specifiers in template files processed by fastcgi, mruby, proxy, redirect or reproxy. Connected sources confirm this vulnerability class and affected ranges, with...

CVE-2015-8106

Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file...

PHP 5.6.x < 5.6.20 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.20. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...

CVE-2015-4067

Dell NetVault Backup (libnv6) is affected by an integer overflow in the handling of serialized object template string specifiers, causing a heap-based buffer overflow that enables remote arbitrary code execution. Affected products/versions: Dell NetVault Backup before 10.0.5. Exploit scenario: re...

Format string

Format string vulnerability in BACnOPCServer.exe in the SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to execute arbitrary code via format string specifiers in a request...

Format string

Format string vulnerability in the rrdtool module 1.4.7 for Python, as used in Zenoss, allows context-dependent attackers to cause a denial of service crash via format string specifiers to the rrdtool.graph function...

Updated graphviz packages fix CVE-2014-9157

Updated graphviz packages fix security vulnerability: Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vector, which are not properly handled in an error string...

CVE-2014-9157

Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string...

ruby: off-by-one stack-based buffer overflow in the encodes() function

Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service segmentation fault via vectors that trigger a stack-based buffer overflow...

openSUSE Security Update : openSUSE-2014- (openSUSE-2014--1)

MozillaFirefox was updated to version 31 to fix various security issues and bugs : - MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards - MFSA 2014-57/CVE-2014-1549 bmo1020205 Buffer overflow during Web Audio buffering for playback - MFSA 2014-58/CVE-2014-1550 bmo1020411...

Gedit 2.x Filename Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13699/info gEdit is prone to a format-string vulnerability. Exploitation may occur when the program is invoked with a filename that includes malicious format specifiers. Attackers could exploit this issue to corrupt...

CVE-2014-1315

Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via format string specifiers in a URL...

CVE-2013-1886

Format string vulnerability in the token processing system pki-tps in Red Hat Certificate System RHCS 8.1 and possibly Dogtag Certificate System 9 and 10 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in...

Format string

Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service crash or possibly execute arbitrary code via format string specifiers in the Remote File field...