CVE-2010-3843

The GTK version of ettercap uses a global settings file at /tmp/.ettercapgtk and does not verify ownership of this file. When parsing this file for settings in gtkuiconfread src/interfacesgtk/ecgtkconf.c, an unchecked sscanf call allows a maliciously placed settings file to overflow a...

Buffer overflow

The GTK version of ettercap uses a global settings file at /tmp/.ettercapgtk and does not verify ownership of this file. When parsing this file for settings in gtkuiconfread src/interfacesgtk/ecgtkconf.c, an unchecked sscanf call allows a maliciously placed settings file to overflow a...

CVE-2010-3843

The GTK version of ettercap uses a global settings file at /tmp/.ettercapgtk and does not verify ownership of this file. When parsing this file for settings in gtkuiconfread src/interfacesgtk/ecgtkconf.c, an unchecked sscanf call allows a maliciously placed settings file to overflow a...

Buffer Overflow

NeoMutt is vulnerable to buffer overflow. The vulnerability exist because of incorrect sscanf usage...

Denial Of Service (DoS)

Wireshark is vulnerable to denial of service. An attacker is able to crash the EAP dissector due to insecure sscanf parsing...

CVE-2020-9428

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing...

CVE-2019-19555

readtextobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf...

CVE-2019-19555

readtextobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf...

Stack overflow

readtextobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf...

CVE-2019-19555

readtextobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf...

CVE-2010-3844

An unchecked sscanf call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack...

Buffer overflow

An unchecked sscanf call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack...

UBUNTU-CVE-2010-3844

An unchecked sscanf call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack...

CVE-2010-3844

The CVE-2010-3844 entry concerns Ettercap before version 0.7.5, where an unchecked sscanf() call allows an insecure temporary settings file to overflow a stack-allocated, fixed-size buffer. Public documents in connected sources corroborate the same description. Impact indicators in the related CV...

CVE-2019-15900

An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. On platforms without strtonum3, sscanf was used without checking for error cases. Instead, the uninitialized variable errstr was checked and in some cases returned success even if sscanf failed. The resul...

Command injection

An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. On platforms without strtonum3, sscanf was used without checking for error cases. Instead, the uninitialized variable errstr was checked and in some cases returned success even if sscanf failed. The resul...

CVE-2019-15900

An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. On platforms without strtonum3, sscanf was used without checking for error cases. Instead, the uninitialized variable errstr was checked and in some cases returned success even if sscanf failed. The resul...

The vulnerability of the libavformat library in the Ffmpeg multimedia environment allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service failures.

The vulnerability of the libavformat library in the Ffmpeg multimedia environment is related to the lack of checking the return value of the sscanf function. This can lead to the use of uninitialized variables. Exploiting this vulnerability could allow a malicious actor to compromise data...

CVE-2019-9717

In Libav 12.3, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because srttoass in libavcodec/srtdec.c has a complex format argument to sscanf...

Format string

In Libav 12.3, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because srttoass in libavcodec/srtdec.c has a complex format argument to sscanf...