SUSE CVE-2020-5204

In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...

SUSE CVE-2023-25139

sprintf in the GNU C Library glibc 2.37 has a buffer overflow out-of-bounds write in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a...

Wago PFC200 iocheckd service 'I/O-Check' cache Code Execution (CVE-2019-5182)

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check' functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file.The destination buffer sp+0x440 is...

Wago PFC200 iocheckd service 'I/O-Check' cache Command Injection (CVE-2019-5175)

An exploitable command injection vulnerability exists in the iocheckd service I/O-Check' function of the WAGO PFC 200 Firmware version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially...

Wago PFC200 iocheckd service 'I/O-Check' cache Code Execution (CVE-2019-5178)

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check' functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is...

Wago PFC200 iocheckd service 'I/O-Check' cache Code Execution (CVE-2019-5180)

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check' functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is...

Wago PFC200 iocheckd service 'I/O-Check' cache Code Execution (CVE-2019-5176)

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check' functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file.The destination buffer sp+0x40 is...

ALPINE-CVE-2023-25139

sprintf in the GNU C Library glibc 2.37 has a buffer overflow out-of-bounds write in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a...

GNU C Library 缓冲区错误漏洞

The GNU C Library glibc, libc6 is an open source, free C language compiler released under the LGPL license. A security vulnerability exists in the GNU C Library that stems from a buffer overflow out-of-bounds write in sprintf when certain buffer sizes are correct...

PT-2022-36762 · Git +1 · Mruby

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by a negative-size-param, which occurs in the mrb str format function, followed by mrb f sprintf and mrb vm exec. ...

CVE-2022-36587

In Tenda G3 USG3V3.0brV15.11.0.67663ENTDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary...

CVE-2022-36587

In Tenda G3 USG3V3.0brV15.11.0.67663ENTDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary...

CVE-2022-36587

In Tenda G3 USG3V3.0brV15.11.0.67663ENTDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary...

Tenda G3 安全漏洞

Tenda G3 is a Qos Vpn router from Tenda, China. A security vulnerability exists in the Tenda G3 firmware version USG3V3.0brV15.11.0.67663ENTDE, which originates from a buffer overflow due to sprintf in a function in its httpd binary component...

The vulnerability in the implementation of the sprintf() function in the microprogramming software for DIR-890L A1 allows a hacker to execute arbitrary code.

The vulnerability of the sprintf function implementation in the microprogramming-based router software DIR-890L A1 is related to incorrect checking of string lengths in HTTP headers. Exploiting this vulnerability could allow an attacker to execute arbitrary code by connecting through port 49152...

CVE-2022-30521

The LAN-side Web-Configuration Interface has Stack-based Buffer Overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1FW107b09.bin and previous versions. The function created at 0x17958 of /htdocs/cgibin will call sprintf without checking the length of strings in parameters...

CVE-2021-34587

In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable...

CVE-2021-34587

In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable...

Stack overflow

In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable...

VulFi - Plugin To IDA Pro Which Can Be Used To Assist During Bug Hunting In Binaries

The VulFi Vulnerability Finder tool is a plugin to IDA Pro which can be used to assist during bug hunting in binaries. Its main objective is to provide a single view with all cross-references to the most interesting functions such as strcpy, sprintf, system, etc.. For cases where a Hexrays...