Total
319 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-35869 | 1 Rusqlite Project | 1 Rusqlite | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated because rusqlite::trace::log mishandles format strings. | |||||
| CVE-2020-27853 | 1 Wire | 3 Wire, Wire - Audio\, Video\, And Signaling, Wire Secure Messenger | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Wire before 2020-10-16 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a format string. This affects Wire AVS (Audio, Video, and Signaling) 5.3 through 6.x before 6.4, the Wire Secure Messenger application before 3.49.918 for Android, and the Wire Secure Messenger application before 3.61 for iOS. This occurs via the value parameter to sdp_media_set_lattr in peerflow/sdp.c. | |||||
| CVE-2020-15203 | 2 Google, Opensuse | 2 Tensorflow, Leap | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the `fill` argument of tf.strings.as_string, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a `printf` call is constructed. This may result in segmentation fault. The issue is patched in commit 33be22c65d86256e6826666662e40dbdfe70ee83, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1. | |||||
| CVE-2020-29018 | 1 Fortinet | 1 Fortiweb | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
| A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote attacker to read the content of memory and retrieve sensitive data via the redir parameter. | |||||
| CVE-2020-1992 | 1 Paloaltonetworks | 3 Pa-7050, Pa-7080, Pan-os | 2023-12-10 | 9.3 HIGH | 9.8 CRITICAL |
| A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions before 9.1.2 on PA-7000 Series devices with an LFC installed and configured. This issue requires WildFire services to be configured and enabled. This issue does not affect PAN-OS 8.1 and earlier releases. This issue does not affect any other PA Series firewalls. | |||||
| CVE-2020-16142 | 1 Mercedes-benz | 2 C220, Comand | 2023-12-10 | 2.9 LOW | 3.5 LOW |
| On Mercedes-Benz C Class AMG Premium Plus c220 BlueTec vehicles, the Bluetooth stack mishandles %x and %c format-string specifiers in a device name in the COMAND infotainment software. | |||||
| CVE-2020-13160 | 3 Anydesk, Freebsd, Linux | 3 Anydesk, Freebsd, Linux Kernel | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution. | |||||
| CVE-2020-15634 | 1 Netgear | 2 R6700, R6700 Firmware | 2023-12-10 | 5.8 MEDIUM | 6.3 MEDIUM |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers with firmware 1.0.4.84_10.0.58. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of string table file uploads. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to execute code in the context of the web server. Was ZDI-CAN-9755. | |||||
| CVE-2019-18420 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2023-12-10 | 6.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOP_initialise hypercall. hypercall_create_continuation() is a variadic function which uses a printf-like format string to interpret its parameters. Error handling for a bad format character was done using BUG(), which crashes Xen. One path, via the VCPUOP_initialise hypercall, has a bad format character. The BUG() can be hit if VCPUOP_initialise executes for a sufficiently long period of time for a continuation to be created. Malicious guests may cause a hypervisor crash, resulting in a Denial of Service (DoS). Xen versions 4.6 and newer are vulnerable. Xen versions 4.5 and earlier are not vulnerable. Only x86 PV guests can exploit the vulnerability. HVM and PVH guests, and guests on ARM systems, cannot exploit the vulnerability. | |||||
| CVE-2020-1979 | 1 Paloaltonetworks | 1 Pan-os | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
| A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13 on Panorama. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. | |||||
| CVE-2018-10389 | 1 Open Tftp Server Project | 1 Open Tftp Server | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Format string vulnerability in the logMess function in TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet. | |||||
| CVE-2019-11287 | 5 Debian, Fedoraproject, Pivotal Software and 2 more | 5 Debian Linux, Fedora, Rabbitmq and 2 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be leveraged to insert a malicious Erlang format string that will expand and consume the heap, resulting in the server crashing. | |||||
| CVE-2018-10388 | 1 Open Tftp Server Project | 1 Open Tftp Server | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet. | |||||
| CVE-2019-13318 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the util.printf Javascript method. The application processes the %p parameter in the format string, allowing heap addresses to be returned to the script. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8544. | |||||
| CVE-2010-3438 | 3 Debian, Fedoraproject, Libpoe-component-irc-perl Project | 3 Debian Linux, Fedora, Libpoe-component-irc-perl | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which would cause the client to disconnect from the server. | |||||
| CVE-2012-0824 | 1 Gnu | 1 Gnusound | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| gnusound 0.7.5 has format string issue | |||||
| CVE-2014-6262 | 2 Debian, Zenoss | 2 Debian Linux, Zenoss Core | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core before 4.2.5 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted third argument to the rrdtool.graph function, aka ZEN-15415, a related issue to CVE-2013-2131. | |||||
| CVE-2019-5143 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable format string vulnerability exists in the iw_console conio_writestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. | |||||
| CVE-2011-1588 | 3 Debian, Opensuse, Xfce | 3 Debian Linux, Opensuse, Thunar | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error. | |||||
| CVE-2019-12297 | 1 Motorola | 4 Cx2, Cx2 Firmware, M2 and 1 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an Externally Controlled Format String, reachable via TCP port 8010 or UDP port 8080. | |||||