Netatalk 格式化字符串错误漏洞

Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.0.3 to 4.4.2 of Netatalk contain a vulnerability related to formatted string errors. This vulnerability arises from...

GHSA-2C6H-4899-WJXR scaly: Multiple soundness issues in Rust safe APIs

Affected versions contain multiple safe APIs that can trigger undefined behavior: - Array::index can perform an out-of-bounds read. - String::getlength can perform an out-of-bounds read. - String::appendcharacter can perform an invalid write. - String::tocstring can perform an out-of-bounds write...

MiracleLinux 7 : php-5.4.16-48.0.8.el7.AXS7 (AXSA:2025-10753:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10753:07 advisory. CVE-2025-1735: add error checking for pgsql extension escape functions, mainly to fix possible issues with multi-byte encoding of Postgres databases CVEs:...

RUSTSEC-2026-0080 Multiple soundness issues in `scaly` safe APIs

Affected versions contain multiple safe APIs that can trigger undefined behavior: - Array::index can perform an out-of-bounds read. - String::getlength can perform an out-of-bounds read. - String::appendcharacter can perform an invalid write. - String::tocstring can perform an out-of-bounds write...

QNAP Systems QTS和QNAP Systems QuTS hero 格式化字符串错误漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are both software with data storage and management capabilities from QNAP Systems, a Taiwan, China-based company. A formatting string error vulnerability exists in QNAP Systems QTS and QNAP Systems QuTS hero, which arises from the use of externally...

kernel: afs: Fix merge preference rule failure condition

In the Linux kernel, the following vulnerability has been resolved: afs: Fix merge preference rule failure condition syzbot reported a lock held when returning to userspace1. This is because if argc is less than 0 and the function returns directly, the held inode lock is not released. Fix this by...

QNAP QTS and QuTS hero formatting string error vulnerability

QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...

EUVD-2018-12145

Malware in sbrugna...

EUVD-2011-1588

Malware in sbrugna...

QNAP operating system 格式化字符串错误漏洞

The QNAP operating system is an operating system from Taiwan, China-based QNAP Technology QNAP. A Formatting String Error vulnerability exists in the QNAP operating system, which arises from the use of externally controlled formatting strings that could lead to the acquisition of secret data or...

QNAP operating system 格式化字符串错误漏洞

The QNAP operating system is an operating system from Taiwan, China-based QNAP Technology QNAP. A Formatting String Error vulnerability exists in the QNAP operating system, which arises from the use of externally controlled formatting strings that could lead to the acquisition of secret data or...

ROS-20250930-07

Vulnerability of ImageMagick console graphic editor related to format string error in function "InterpretImageFilename" function. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code on the target system, execute arbitrary code on the target system Vulnerabili...

IBM webMethods Integration 格式化字符串错误漏洞

IBM webMethods Integration is a hybrid enterprise iPaaS from International Business Machines IBM. A Formatting String Error vulnerability exists in IBM webMethods Integration versions 10.15 and 11.1, which stems from improper validation of parameter formatting strings passed to an external source...

CVE-2025-38528 bpf: Reject %p% format string in bprintf-like helpers

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject %p% format string in bprintf-like helpers static const char fmt = "%p%"; bpftraceprintkfmt, sizeoffmt; The above BPF program isn't rejected and causes a kernel warning at runtime: Please remove unsupported %\x00 in...

SonicWALL SonicOS SSLVPN 格式化字符串错误漏洞

SonicWALL SonicOS SSLVPN is a virtual private network for secure remote access from SonicWALL USA. A Formatting String Error vulnerability exists in SonicWALL SonicOS SSLVPN that originates from an externally controlled formatting string and could result in a service interruption...

QNAP Qsync Central 格式化字符串错误漏洞

QNAP Qsync Central is a cloud-based file synchronization service on a NAS from Taiwan, China-based QNAP Technology QNAP. A Formatting String Error vulnerability exists in QNAP Qsync Central, which originates from an externally controlled formatting string and could allow a remote attacker to obta...

CVE-2025-30077

Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.28 allows an index out-of-range panic in asn1/aper GetBitString via a zero value of numBits...

Improper Neutralization

Overview Affected versions of this package are vulnerable to Improper Neutralization when importing a macro in a template whose filename is also a template. This will result in a SyntaxError: f-string: invalid syntax error message because the filename is not properly escaped, indicating that it i...

QNAP Systems QTS和QNAP Systems QuTS hero 格式化字符串错误漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are both products of China Weilian Technology QNAP Systems.QNAP Systems QTS is an entry operating system.QNAP Systems QuTS hero is an operating system. A format string error vulnerability exists in QNAP Systems QTS prior to version 5.2.1.2930 build...

Actiontec Electronics WEB6000Q Formatting String Error Vulnerability

The Actiontec Electronics WEB6000Q is a wireless extender from Actiontec Electronics, Inc. The Actiontec Electronics WEB6000Q suffers from a Formatting String Error vulnerability. An attacker could exploit this vulnerability to execute code in an HTTP server environment...