Cross-site Scripting

pimcore/admin-ui-classic-bundle is vulnerable to Cross-site Scripting. The vulnerability is due to sprintf function in functions.js which does not perform any escaping or sanitization of the subst and str value itself. This can lead to Cross-Site Scripting vulnerabilities if the str is later...

Tenda G3 安全漏洞

Tenda G3 is a Qos Vpn router from Tenda, China. A security vulnerability exists in the Tenda G3 firmware version USG3V3.0brV15.11.0.67663ENTDE, which originates from a buffer overflow due to sprintf in a function in its httpd binary component...

PT-2025-8195

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overflow issue has been identified in the Linux kernel's MMC core, which used the sprintf function for sysfs output. This function is vulnerable to buffer overflow. The issue wa...

CVE-2017-0898

A buffer underflow was found in ruby's sprintf function. An attacker, with ability to control its format string parameter, could send a specially crafted string that would disclose heap memory or crash the interpreter...

Buffer overflow

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom binary called mp4ts under the /var/www/video folder. It seems that this binary dumps the HTTP VERB in the system logs. As a part of doing that it retrieves the HTTP VERB sent by the user and uses a vulnerable...

Hidden for 19 years WinRAR code execution vulnerability-vulnerability warning-the black bar safety net

The researchers found WinRAR logic vulnerabilities that can full access to the victims computer control. The exploit only requires from the compressed file to extract it can work, more than 5 million users affected. More importantly, the vulnerability has been there 19 years, forcing WinRAR...

CVE-2014-1545

Mozilla Netscape Portable Runtime NSPR before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds write via vectors involving the sprintf and console functions...

UBUNTU-CVE-2014-1545

Mozilla Netscape Portable Runtime NSPR before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds write via vectors involving the sprintf and console functions...

CVE-2011-0524

Multiple buffer overflows in the NMEA parser nmea-gen.c in gypsy 0.8 allow local users to cause a denial of service crash via unspecified vectors related to the sprintf function...

Buffer overflow

Multiple buffer overflows in the NMEA parser nmea-gen.c in gypsy 0.8 allow local users to cause a denial of service crash via unspecified vectors related to the sprintf function...

CVE-2011-0524

Multiple buffer overflows in the NMEA parser nmea-gen.c in gypsy 0.8 allow local users to cause a denial of service crash via unspecified vectors related to the sprintf function...

Buffer overflow

Buffer overflow in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified variables to jovgraph.exe, which are not properly handled in a call to the sprintf function...

WebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow

This module exploits a stack-based buffer overflow in WebEx's WebexUCFObject ActiveX Control. If a long string is passed to the 'NewObject' method, a stack- based buffer overflow will occur when copying attacker-supplied data using the sprintf function. It is noteworthy that this vulnerability wa...

CVE-2008-7174

Multiple buffer overflows in the Jura Internet Connection Kit for the Jura Impressa F90 coffee maker allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via unspecified vectors related to improper use of the gets and sprintf functions...

Thunder local overflow POC-the exploit-warning-the black bar safety net

By:mad DogB. C. T Previously been in the pass thunder and 0day, the Activex should be almost, but also not neglect, or uninstall it, today the abundance of the initial issuance to a URL, the original pixel a Thunderbolt 0day, see the instructions or remotely! Feel a, look at that vulnerability...

Firebird process_packet() Remote Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Firebird SQL server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the database service fbserver.exe, which binds to TCP port 3050. When processing a...

Stack overflow

Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow i...

CVE-2007-4278

Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow i...

Star Wars Jedi Knight: Jedi Academy 1.0.11 - Buffer Overflow (PoC)

source: https://www.securityfocus.com/bid/12977/info A buffer overflow is present in Jedi Academy that can be exploited remotely by client systems. The overflow is due to the use of the sprintf function in a text visualization procedure, GPrintf. The attacker can exploit this vulnerability to...

British National Corpus SARA - Remote Buffer Overflow

source: https://www.securityfocus.com/bid/10984/info sarad is reported prone to a buffer overflow vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data. A remote attacker can trigger the overflow condition by supplying a large string value to the...