Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

552 matches found

Cvelist
Cvelistadded 2020/03/11 11:30 p.m.11 views

CVE-2019-5180

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is...

7.7AI score0.00061EPSS
Exploits1References1
Cvelist
Cvelistadded 2020/03/11 11:25 p.m.14 views

CVE-2019-5177

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. The destination buffer sp+0x440 is overflowed with the call to sprintf for any domainname values that are greater than...

6.3AI score0.00159EPSS
Exploits1References1
Cvelist
Cvelistadded 2020/03/11 11:17 p.m.20 views

CVE-2019-5169

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially...

7.7AI score0.00292EPSS
Exploits1References1
NVD
NVDadded 2020/03/11 11:15 p.m.16 views

CVE-2019-5174

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted...

7.8CVSS7.7AI score0.00325EPSS
Exploits1References1
NVD
NVDadded 2020/03/11 11:15 p.m.11 views

CVE-2019-5182

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file.The destination buffer sp+0x440 is...

5.5CVSS5.7AI score0.00061EPSS
Exploits1References1
Prion
Prionadded 2020/03/11 11:15 p.m.16 views

Command injection

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted...

7.2CVSS7.7AI score0.00325EPSS
Exploits1References1Affected Software1
Prion
Prionadded 2020/03/11 11:15 p.m.14 views

Stack overflow

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file.The destination buffer sp+0x440 is...

2.1CVSS6.2AI score0.00061EPSS
Exploits1References1Affected Software1
Prion
Prionadded 2020/03/11 11:15 p.m.18 views

Command injection

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially...

7.2CVSS7.6AI score0.00325EPSS
Exploits1References1Affected Software1
Prion
Prionadded 2020/03/11 10:27 p.m.21 views

Command injection

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.0214. At 0x1e3f0 the extracted dns value from the xml file is used as an argument to /etc/config-tools/editdnsserver %s dns-server-nr=%d dns-server-name= using...

7.2CVSS7.7AI score0.00538EPSS
Exploits1References1Affected Software1
Prion
Prionadded 2020/03/11 10:27 p.m.18 views

Command injection

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.0214. An attacker can send a specially crafted XML cache file At 0x1e8a8 the extracted domainname value from the xml file is used as an argument to...

7.2CVSS7.7AI score0.00554EPSS
Exploits1References1Affected Software1
Talos
Talosadded 2020/03/09 12:0 a.m.166 views

WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Code Execution Vulnerabilities

Summary An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in code execution. An...

7.8CVSS6.8AI score0.00159EPSS
Exploits3
GithubExploit
GithubExploitadded 2020/02/28 9:12 p.m.264 views

Exploit for Stack-based Buffer Overflow in Juniper Junos

inetutils hasn't been updated in 5 years, and neither has the of...

7.8CVSS7.8AI score0.00115EPSS
Exploits2
RedhatCVE
RedhatCVEadded 2020/02/04 3:47 p.m.14 views

CVE-2019-19601

OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of an incorrect sprintf...

7.8CVSS3.3AI score0.00457EPSS
Exploits1References3
OSV
OSVadded 2020/01/06 8:15 p.m.11 views

CVE-2020-5204

In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...

8.8CVSS7.3AI score
Exploits0References3
NVD
NVDadded 2020/01/06 8:15 p.m.8 views

CVE-2020-5204

In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...

8.8CVSS7.3AI score0.00686EPSS
Exploits0References3
Prion
Prionadded 2020/01/06 8:15 p.m.8 views

Buffer overflow

In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...

6.5CVSS8.8AI score0.00686EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2020/01/06 7:10 p.m.156 views

CVE-2020-5204

CVE-2020-5204 affects uftpd prior to 2.11. A buffer overflow exists in FTP PORT parsing (ftpcmd.c handle_PORT) where a 16-byte buffer can overflow when filling input with a format string like %d.%d.%d.%d using user input. The root cause is sprintf-based population of the IPv4-like string exceedin...

8.8CVSS7.8AI score0.00686EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2020/01/06 7:10 p.m.9 views

CVE-2020-5204 Buffer overflow vulnerability in uftpd

In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...

6.5CVSS9AI score0.00686EPSS
Exploits0References3
NVD
NVDadded 2019/12/05 1:15 p.m.7 views

CVE-2019-19601

OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of an incorrect sprintf...

7.8CVSS7.6AI score0.00457EPSS
Exploits1References3
OSV
OSVadded 2019/12/05 1:15 p.m.6 views

CVE-2019-19601

OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of an incorrect sprintf...

7.8CVSS6.7AI score
Exploits0References3
Rows per page
Query Builder