CVE-2019-15547

An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are format string issues in printw functions because C format arguments are mishandled...

CVE-2019-7230

The ABB IDAL FTP server mishandles format strings in a username during the authentication process. Attempting to authenticate with the username %s%p%x%d will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack...

Arbitrary Code Execution

CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. A string reference count bug was found in cupsd, causing premature freeing of string objects. An attacker can submit a malicious print job that exploits this flaw to dismantle ACLs protecting privileged...

CVE-2018-6875

Format String vulnerability in KeepKey version 4.0.0 allows attackers to trigger information display of information that should not be accessible, related to text containing characters that the device's font lacks...

DEBIAN-CVE-2018-5207

When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string...

The vulnerability of the PHP interpreter, which allows attackers to trigger a service failure or exert other effects.

The vulnerability of the raphemestripos function ext/intl/grapheme/graphemestring.c in the PHP interpreter exists due to the reading of data beyond the specified buffer. Exploiting this vulnerability may allow an attacker to cause a service failure reading beyond the memory limit, or it may have...

Qwik SMTP 0.3 - Remote Root Format String Exploit

No description provided by source. / qwik-smtp Remote Root Exploit ------------------------------- Bug found by: Dark Eagle darkeagle at list d0t ru Exploit coded by: Carlos Barros barros at barrossecurity d0t com Home Page: http://www.barrossecurity.com Exploitation techinique: This bug is a...

OpenFTPD (<= 0.30.2) Remote Exploit

No description provided by source. / hoagieopenftpd.c LINUX/X86 OPENFTPD REMOTE EXLPOIT = 0.30.2 Searching for those warez ftpd's out there and leeching 'free' movies Remote Linux/OpenFTPD exploit for the format string bug in the message system. This vulnerability was rediscovered by a VOID.AT...

OpenFTPD <= 0.30.1 (message system) Remote Shell Exploit

No description provided by source. / shouts to mitakeet :D exploit for openftpd format string bug. tested on most current version only. -infamous42md AT hotpop DOT com is real email only tricky part is find a place to stick the shell, as there isn't enough room to send it with the format string...

Oracle Linux 4 : evolution (ELSA-2008-0177)

From Red Hat Security Advisory 2008:0177 : Updated evolution packages that fix a format string bug are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of...

UBUNTU-CVE-2013-3560

The dissectdsmccundownload function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service application crash via a malformed packet...

Ubuntu 12.10 : linux vulnerabilities (USN-1813-1)

Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. CVE-2012-6548 Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver...

Ubuntu 12.04 LTS : linux vulnerabilities (USN-1809-1)

Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. CVE-2012-6548 Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver...

Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-1812-1)

Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. CVE-2012-6548 Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver...

USN-1811-1: Linux kernel (OMAP4) vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. CVE-2012-6548 Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver...

RHEL 4 : evolution (RHSA-2008:0178)

Updated evolution packages that fix a format string bug are now available for Red Hat Enterprise Linux 4.5 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information...

RHEL 3 / 4 : RealPlayer (RHSA-2005:762)

An updated RealPlayer package that fixes a format string bug is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. RealPlayer is a media player that provides media playback locally and via streaming. A format string bug was discover...

Slackware: Security Advisory (SSA:2005-283-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mandrake Linux Security Advisory : lpr (MDKSA-2000:054)

There is a format string bug in lpr with its calls to the syslog facility. There are no known exploits at ths time, but it may be possible for a user to gain local root access. This new lpr fixes this problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

SuSE9 Security Update : vim and gvim (YOU Patch Number 11722)

This update of Vim addresses a format-string bug in 'helptags'. This bug can be exploited to execute code with the privileges of the user running Vim. CVE-2007-2953 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...