CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

552 matches found

CNNVD•added 2026/02/11 12:0 a.m.•3 views

OpenSatKit 安全漏洞

OpenSatKit is an open-source application development toolkit developed by OpenSatKit. Version 2.2.1 of OpenSatKit contains a security vulnerability. This vulnerability stems from the use of an insecure sprintf call in the EventErrStr buffer, which may lead to a stack buffer overflow...

9.8CVSS6.1AI score0.00065EPSS

Exploits0References4

Cvelist•added 2026/02/11 12:0 a.m.•19 views

CVE-2025-70085

An issue was discovered in OpenSatKit 2.2.1. The EventErrStr buffer has a fixed size of 256 bytes. The code uses sprintf to format two filenames Source1Filename and the string returned by FileUtilFileStateStr into this buffer without any length checking and without using bounded format specifiers...

0.00065EPSS

Exploits0References4

Vulnrichment•added 2026/02/11 12:0 a.m.•2 views

CVE-2025-70085

6AI score0.00065EPSS

Exploits0References4

CVE•added 2026/02/11 12:0 a.m.•11 views

CVE-2025-70085

OpenSatKit 2.2.1 is affected by a stack-based buffer overflow in EventErrStr (256-byte) caused by unsafe sprintf usage when formatting two filenames into the buffer (Source1Filename and FileUtil_FileStateStr). Affected functions include FILE_ConcatenateCmd() and ConcatenateFiles() in file.c, with...

9.8CVSS6AI score0.00065EPSS

Exploits0References4Affected Software1

Positive Technologies•added 2026/02/11 12:0 a.m.•2 views

PT-2026-7680

Redir 3.3 contains a stack overflow vulnerability in the doproxyconnect function that allows attackers to crash the application by sending oversized input. Attackers can exploit the sprintf buffer without proper length checking to overwrite memory and cause a segmentation fault, resulting in...

8.7CVSS5.8AI score0.00056EPSS

Exploits0References4

ATTACKERKB•added 2026/02/11 12:0 a.m.•2 views

CVE-2025-70085

6AI score0.00065EPSS

Exploits0References5

Tenable Nessus•added 2026/01/27 12:0 a.m.•2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005104)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005104 advisory. In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf ...

7.8CVSS6.8AI score0.00022EPSS

Exploits0References3

Tenable Nessus•added 2026/01/16 12:0 a.m.•1 views

MiracleLinux 7 : ruby-2.0.0.648-33.0.1.el7.AXS7 (AXSA:2018-2583:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2583:01 advisory. It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attacker could exploi...

9.8CVSS8.7AI score0.88646EPSS

Exploits14References12

RedhatCVE•added 2026/01/09 9:9 a.m.•3 views

CVE-2026-22189

The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf call with attacker-controlled input. When constructing glyph filenames, egg-mkfont formats a user-supplied glyph pattern -gp into a...

9.8CVSS6.4AI score0.00165EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:2 a.m.•1 views

CVE-2023-25085

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS8.1AI score0.00181EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:2 a.m.•7 views

CVE-2023-25096

7.2CVSS8AI score0.00291EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:2 a.m.•2 views

CVE-2023-25087

7.2CVSS8.1AI score0.00291EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:2 a.m.•2 views

CVE-2023-25092