Total
319 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-33938 | 1 Goabode | 2 Iota All-in-one Security Kit, Iota All-in-one Security Kit Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
A format string injection vulnerability exists in the ghome_process_control_packet functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted XCMD can lead to memory corruption, information disclosure and denial of service. An attacker can send a malicious XML payload to trigger this vulnerability. | |||||
CVE-2022-27177 | 1 Netflix | 1 Consoleme | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A Python format string issue leading to information disclosure and potentially remote code execution in ConsoleMe for all versions prior to 1.2.2 | |||||
CVE-2021-41193 | 1 Wire | 1 Wire-audio Video Signaling | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
wire-avs is the audio visual signaling (AVS) component of Wire, an open-source messenger. A remote format string vulnerability in versions prior to 7.1.12 allows an attacker to cause a denial of service or possibly execute arbitrary code. The issue has been fixed in wire-avs 7.1.12. There are currently no known workarounds. | |||||
CVE-2022-26674 | 1 Asus | 2 Rt-ax88u, Rt-ax88u Firmware | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker to write to arbitrary memory address and perform remote arbitrary code execution, arbitrary system operation or disrupt service. | |||||
CVE-2022-24051 | 2 Fedoraproject, Mariadb | 2 Fedora, Mariadb | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193. | |||||
CVE-2021-42911 | 1 Draytek | 6 Vigor2960, Vigor2960 Firmware, Vigor300b and 3 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A Format String vulnerability exists in DrayTek Vigor 2960 <= 1.5.1.3, DrayTek Vigor 3900 <= 1.5.1.3, and DrayTek Vigor 300B <= 1.5.1.3 in the mainfunction.cgi file via a crafted HTTP message containing malformed QUERY STRING, which could let a remote malicious user execute arbitrary code. | |||||
CVE-2022-1215 | 1 Freedesktop | 1 Libinput | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
A format string vulnerability was found in libinput | |||||
CVE-2022-31753 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability. | |||||
CVE-2021-37735 | 2 Arubanetworks, Siemens | 3 Aruba Instant, Scalance W1750d, Scalance W1750d Firmware | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
A remote denial of service vulnerability was discovered in Aruba Instant version(s): Aruba Instant 6.5.x.x: 6.5.4.18 and below; Aruba Instant 8.5.x.x: 8.5.0.10 and below; Aruba Instant 8.6.x.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. | |||||
CVE-2021-25489 | 2 Google, Samsung | 2 Android, Exynos | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic. | |||||
CVE-2021-43041 | 1 Kaseya | 1 Unitrends Backup | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP request could induce a format string vulnerability in the privileged vaultServer application. | |||||
CVE-2021-36161 | 1 Apache | 1 Dubbo | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Some component in Dubbo will try to print the formated string of the input arguments, which will possibly cause RCE for a maliciously customized bean with special toString method. In the latest version, we fix the toString call in timeout, cache and some other places. Fixed in Apache Dubbo 2.7.13 | |||||
CVE-2020-36323 | 2 Fedoraproject, Rust-lang | 2 Fedora, Rust | 2023-12-10 | 6.4 MEDIUM | 8.2 HIGH |
In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked. | |||||
CVE-2021-30145 | 1 Mpv | 1 Mpv | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file. | |||||
CVE-2021-28846 | 1 Trendnet | 8 Tew-755ap, Tew-755ap2kac, Tew-755ap2kac Firmware and 5 more | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
A Format String vulnerablity exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service due to a logic bug at address 0x40dcd0 when calling fprintf with "%s: key len = %d, too long\n" format. The two variables seem to be put in the wrong order. The vulnerability could be triggered by sending the POST request to apply_cgi with a long and unknown key in the request body. | |||||
CVE-2021-33535 | 1 Weidmueller | 16 Ie-wl-bl-ap-cl-eu, Ie-wl-bl-ap-cl-eu Firmware, Ie-wl-bl-ap-cl-us and 13 more | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string vulnerability exists in the iw_console conio_writestr functionality. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. | |||||
CVE-2021-29740 | 1 Ibm | 1 Spectrum Scale | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is affected by a format string security vulnerability. An attacker could execute arbitrary code in the context of process memory, potentially escalating their system privileges and taking control over the entire system with root access. IBM X-Force ID: 201474. | |||||
CVE-2021-33886 | 1 Bbraun | 3 Infusomat Large Volume Pump 871305u, Spacecom2, Spacestation 8713142u | 2023-12-10 | 5.8 MEDIUM | 8.8 HIGH |
An improper sanitization of input vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to gain user-level command-line access by passing a raw external string straight through to printf statements. The attacker is required to be on the same network as the device. | |||||
CVE-2021-20307 | 3 Debian, Fedoraproject, Libpano13 Project | 3 Debian Linux, Fedora, Libpano13 | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and earlier can lead to read and write arbitrary memory values. | |||||
CVE-2020-27524 | 1 Audi | 2 A7, Mmi Multiplayer | 2023-12-10 | 4.8 MEDIUM | 7.1 HIGH |
On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version (N+R_CN_AU_P0395) mishandles %x and %s format string specifiers in a device name. This may lead to memory content leaks and potentially crash the services. |