Total
295 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-1588 | 3 Debian, Opensuse, Xfce | 3 Debian Linux, Opensuse, Thunar | 2020-08-18 | 6.8 MEDIUM | 7.8 HIGH |
Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error. | |||||
CVE-2020-1979 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-13 | 4.6 MEDIUM | 7.8 HIGH |
A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13 on Panorama. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. | |||||
CVE-2018-15749 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2020-05-11 | 2.1 LOW | 5.5 MEDIUM |
The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability. | |||||
CVE-2020-1992 | 1 Paloaltonetworks | 3 Pa-7050, Pa-7080, Pan-os | 2020-04-10 | 9.3 HIGH | 9.8 CRITICAL |
A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions before 9.1.2 on PA-7000 Series devices with an LFC installed and configured. This issue requires WildFire services to be configured and enabled. This issue does not affect PAN-OS 8.1 and earlier releases. This issue does not affect any other PA Series firewalls. | |||||
CVE-2005-1122 | 1 Monkey-project | 1 Monkey | 2020-03-26 | 7.5 HIGH | N/A |
Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP GET request containing double-encoded format string specifiers (aka "double expansion error"). | |||||
CVE-2017-16516 | 2 Debian, Yajl-ruby Project | 2 Debian Linux, Yajl-ruby | 2020-03-10 | 5.0 MEDIUM | 7.5 HIGH |
In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is supplied to Yajl::Parser.new.parse, the whole ruby process crashes with a SIGABRT in the yajl_string_decode function in yajl_encode.c. This results in the whole ruby process terminating and potentially a denial of service. | |||||
CVE-2018-12590 | 1 Ui | 2 Edgeswitch, Edgeswitch Firmware | 2020-02-13 | 9.0 HIGH | 7.2 HIGH |
Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format-string vulnerability due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an admin account could escape the restricted CLI and execute arbitrary code. | |||||
CVE-2018-6875 | 2 Keepkey, Shapeshift | 2 Keepkey, Keepkey Firmware | 2020-01-07 | 5.0 MEDIUM | 7.5 HIGH |
Format String vulnerability in KeepKey version 4.0.0 allows attackers to trigger information display (of information that should not be accessible), related to text containing characters that the device's font lacks. | |||||
CVE-2018-10389 | 1 Open Tftp Server Project | 1 Open Tftp Server | 2020-01-03 | 7.5 HIGH | 9.8 CRITICAL |
Format string vulnerability in the logMess function in TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet. | |||||
CVE-2018-10388 | 1 Open Tftp Server Project | 1 Open Tftp Server | 2020-01-03 | 7.5 HIGH | 9.8 CRITICAL |
Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet. | |||||
CVE-2018-16554 | 1 Jhead Project | 1 Jhead | 2019-12-31 | 6.8 MEDIUM | 7.8 HIGH |
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling. | |||||
CVE-2009-2446 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 8.5 HIGH | N/A |
Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information. | |||||
CVE-2008-3963 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement. | |||||
CVE-2006-3469 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message. | |||||
CVE-2012-0824 | 1 Gnu | 1 Gnusound | 2019-12-04 | 7.5 HIGH | 9.8 CRITICAL |
gnusound 0.7.5 has format string issue | |||||
CVE-2010-3438 | 3 Debian, Fedoraproject, Libpoe-component-irc-perl Project | 3 Debian Linux, Fedora, Libpoe-component-irc-perl | 2019-11-14 | 7.5 HIGH | 9.8 CRITICAL |
libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which would cause the client to disconnect from the server. | |||||
CVE-2019-13318 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2019-10-09 | 4.3 MEDIUM | 5.5 MEDIUM |
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the util.printf Javascript method. The application processes the %p parameter in the format string, allowing heap addresses to be returned to the script. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8544. | |||||
CVE-2018-1566 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2019-10-09 | 4.6 MEDIUM | 7.8 HIGH |
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to execute arbitrary code due to a format string error. IBM X-Force ID: 143023. | |||||
CVE-2018-14799 | 1 Philips | 10 Pagewriter Tc10, Pagewriter Tc10 Firmware, Pagewriter Tc20 and 7 more | 2019-10-09 | 4.6 MEDIUM | 3.7 LOW |
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, the PageWriter device does not sanitize data entered by user. This can lead to buffer overflow or format string vulnerabilities. | |||||
CVE-2018-0175 | 2 Cisco, Rockwellautomation | 9 Ios, Ios Xe, Ios Xr and 6 more | 2019-10-09 | 7.9 HIGH | 8.0 HIGH |
Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664. |