64 matches found
OPENSUSE-SU-2022:10160-1 Security update for v4l2loopback
This update for v4l2loopback fixes the following issues: - Fix string format vulnerability boo1202156, CVE-2022-2652...
OPENSUSE-SU-2022:10159-1 Security update for v4l2loopback
This update for v4l2loopback fixes the following issues: - Fix string format vulnerability boo1202156, CVE-2022-2652...
Security update for v4l2loopback (moderate)
openSUSE Security Update: Security update for v4l2loopback Announcement ID: openSUSE-SU-2022:10159-1 Rating: moderate References: 1202156 Cross-References: CVE-2022-2652 CVSS scores: CVE-2022-2652 NVD : 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H CVE-2022-2652 SUSE: 6...
Unpatched iPhone Bug Allows Code Execution
A vulnerability in Apple iOS opens the door to remote code execution (RCE), researchers found. The assessment is a revision from a previous understanding of the flaw that viewed it as a low-risk and somewhat wacky denial-of-service (DoS) problem affecting iPhone’s Wi-Fi feature. Apple fixed the...
CVE-2019-14023
String format issue will occur while processing HLOS data as there is no user input validation to ensure inputs are properly NULL terminated before string copy in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar,...
CVE-2019-14023
CVE-2019-14023 describes a string format issue in HLOS data processing that could allow local exploitation on Qualcomm Snapdragon targets. The vulnerability arises from inputs not being NULL-terminated before string copy in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snap...
CVE-2019-14023
String format issue will occur while processing HLOS data as there is no user input validation to ensure inputs are properly NULL terminated before string copy in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar,...
python-jinja2: Sandbox escape due to information disclosure via str.format
A flaw found in Pallets Jinja prior to version 2.8.1 allows sandbox escape. Python's string format method added to strings can be used to discover potentially dangerous values including configuration values. The highest threat from this vulnerability is to data confidentiality and integrity a...
cPanel Injection Vulnerability (CNVD-2019-36137)
cPanel is a Web-based automated colocation platform from US-based cPanel. The platform is primarily used to automate the management of websites and servers. An injection vulnerability exists in cPanel. An attacker can exploit this vulnerability to perform string format injection in...
CVE-2017-18389
cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318)...
Format string
cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318)...
CVE-2017-18389
CVE-2017-18389 affects cPanel prior to 68.0.15. The issue is a string format injection in the dovecot-xaps-plugin, as described by SEC-318. The vulnerability stems from how the plugin handles format strings, enabling potential injection through malformed input. Exploitation details, impacted vers...
python-jinja2: Sandbox escape due to information disclosure via str.format
A flaw found in Pallets Jinja prior to version 2.8.1 allows sandbox escape. Python's string format method added to strings can be used to discover potentially dangerous values including configuration values. The highest threat from this vulnerability is to data confidentiality and integrity a...
python-jinja2: Sandbox escape due to information disclosure via str.format
A flaw found in Pallets Jinja prior to version 2.8.1 allows sandbox escape. Python's string format method added to strings can be used to discover potentially dangerous values including configuration values. The highest threat from this vulnerability is to data confidentiality and integrity a...
PT-2018-3867 · Exiv2 +5
Name of the Vulnerable Software and Affected Versions: Exiv2 version 0.26 Description: The issue is related to a denial of service caused by an out-of-bounds read in the Exiv2::Internal::stringFormat function in image.cpp. This can be triggered by remote attackers using a specially crafted file,...
PYSEC-2017-134
There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack...
CVE-2017-5524
Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method...
Format string
Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method...
PYSEC-2017-81
Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method...
PYSEC-2017-81
Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method...