3205 matches found
QNAP Qsync Central 格式化字符串错误漏洞
QNAP Qsync Central is a cloud-based file synchronization service for NAS devices provided by QNAP Technology Co., Ltd. Versions of QNAP Qsync Central prior to 5.0.0.4 contained a vulnerability related to formatted strings. This vulnerability stemmed from the use of externally controlled formatted...
PT-2026-7532
Name of the Vulnerable Software and Affected Versions Qsync Central versions prior to 5.0.0.4 Description A use of externally-controlled format string issue exists in Qsync Central. A remote attacker who obtains a user account may be able to obtain secret data or modify memory. The issue involves...
CVE-2025-64157
A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0 all versions allows an authenticated admin to execute unauthorized code or commands via specifically crafted configuration...
CVE-2025-64157
A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0 all versions allows an authenticated admin to execute unauthorized code or commands via specifically crafted configuration...
CVE-2025-64157
CVE-2025-64157 affects Fortinet FortiOS versions 7.0–7.6.4 (and 7.4.x, 7.2.x, 7.6.x ranges as listed) where an authenticated administrator can trigger unauthorized code execution via specifically crafted configuration due to an externally-controlled format string. Multiple connected sources (Fort...
Fortinet FortiOS 格式化字符串错误漏洞
Fortinet FortiOS is a security operating system developed by Fortinet Corporation, specifically for use on the FortiGate network security platform. This system provides users with various security features such as firewalls, antivirus protection, IPSec/SSLVPN, web content filtering, and anti-spam...
MiracleLinux 8 : libinput-1.16.3-3.el8 (AXSA:2022-3673:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3673:01 advisory. libinput: format string vulnerability may lead to privilege escalation CVE-2022-1215 Tenable has extracted the preceding description block directly from the...
MiracleLinux 9 : libinput-1.19.3-2.el9 (AXSA:2022-3984:02)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3984:02 advisory. libinput: format string vulnerability may lead to privilege escalation CVE-2022-1215 Tenable has extracted the preceding description block directly from the...
MiracleLinux 7 : rh-mariadb105-galera-26.4.11-1.el7, rh-mariadb105-mariadb-10.5.16-2.el7 (AXSA:2022-3624:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3624:01 advisory. mariadb: convertconsttoint use-after-free when the BIGINT data type is used CVE-2021-46669 mariadb: lack of proper validation of the length of...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2025-53591)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
MiracleLinux 3 : qt-3.3.6-23.1AXS3 (AXBA:2008-211:01)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXBA:2008-211:01 advisory. - The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remo...
MiracleLinux 4 : coreutils-8.4-31.2.0.1.AXS4 (AXSA:2014-028:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-028:01 advisory. These are the GNU core utilities. This package is the combination of the old GNU fileutils, sh-utils, and textutils packages. Security issues fixed...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2025-53406)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000785)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000785 advisory. Format string vulnerability in the b43requestfirmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9...
MiracleLinux 7 : udisks2-2.7.3-9.el7 (AXSA:2019-4045:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4045:02 advisory. udisks: Format string vulnerability in udiskslog in udiskslogging.c CVE-2018-17336 Tenable has extracted the preceding description block directly from the...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002008)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002008 advisory. Format string vulnerability in the b43requestfirmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002476)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002476 advisory. Format string vulnerability in the b43requestfirmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002103)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002103 advisory. fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001082)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001082 advisory. Format string vulnerability in the registerdisk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root...
MiracleLinux 7 : python-jinja2-2.7.2-4.0.1.el7.AXS7 (AXSA:2025-11572:05)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-11572:05 advisory. CVE-2024-56326: fix format string vulnerability impacting users of applications which execute untrusted template CVEs: CVE-2024-56326 Jinja is an extensible...