GNU C Library 缓冲区错误漏洞

The GNU C Library glibc, libc6 is an open source, free C language compiler released under the LGPL license. A security vulnerability exists in the GNU C Library that stems from a buffer overflow out-of-bounds write in sprintf when certain buffer sizes are correct...

PT-2022-36762 · Git +1 · Mruby

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by a negative-size-param, which occurs in the mrb str format function, followed by mrb f sprintf and mrb vm exec. ...

CVE-2022-36587

In Tenda G3 USG3V3.0brV15.11.0.67663ENTDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary...

CVE-2022-36587

In Tenda G3 USG3V3.0brV15.11.0.67663ENTDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary...

CVE-2022-36587

In Tenda G3 USG3V3.0brV15.11.0.67663ENTDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary...

Tenda G3 安全漏洞

Tenda G3 is a Qos Vpn router from Tenda, China. A security vulnerability exists in the Tenda G3 firmware version USG3V3.0brV15.11.0.67663ENTDE, which originates from a buffer overflow due to sprintf in a function in its httpd binary component...

CVE-2022-30521

The LAN-side Web-Configuration Interface has Stack-based Buffer Overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1FW107b09.bin and previous versions. The function created at 0x17958 of /htdocs/cgibin will call sprintf without checking the length of strings in parameters...

CVE-2021-34587

In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable...

CVE-2021-34587

In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable...

Stack overflow

In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable...

VulFi - Plugin To IDA Pro Which Can Be Used To Assist During Bug Hunting In Binaries

The VulFi Vulnerability Finder tool is a plugin to IDA Pro which can be used to assist during bug hunting in binaries. Its main objective is to provide a single view with all cross-references to the most interesting functions such as strcpy, sprintf, system, etc.. For cases where a Hexrays...

GSD-2022-1001295 mmc: core: use sysfs_emit() instead of sprintf()

mmc: core: use sysfsemit instead of sprintf This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...

Buffer overflow

D-Link DIR-645 1.03 A1 is vulnerable to Buffer Overflow. The hnapmain function in the cgibin handler uses sprintf to format the soapaction header onto the stack and has no limit on the size...

Security update for libcaca (important)

openSUSE Security Update: Security update for libcaca Announcement ID: openSUSE-SU-2022:0769-1 Rating: important References: 1184751 1184752 Cross-References: CVE-2021-30498 CVE-2021-30499 CVSS scores: CVE-2021-30498 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-30498 SUSE: 9.8...

Debian DLA-2890-1 : libspf2 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2890 advisory. - libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail messag...

CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

PT-2025-8195

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overflow issue has been identified in the Linux kernel's MMC core, which used the sprintf function for sysfs output. This function is vulnerable to buffer overflow. The issue wa...

Huawei EulerOS: Security Advisory for python (EulerOS-SA-2021-1911)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Solaris 10 1/13 (Intel) - (dtprintinfo) Local Privilege Escalation Exploit(3)

Exploit Title: Solaris 10 1/13 Intel - 'dtprintinfo' Local Privilege Escalation 3 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 Intel / raptordtprintcheckdirintel2.c - Solaris/Intel FMT LPE Copyright c 2020...