Search
Total
267 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-7544 | 1 Openvpn | 1 Openvpn | 2018-04-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| ** DISPUTED ** A cross-protocol scripting issue was discovered in the management interface in OpenVPN through 2.4.5. When this interface is enabled over TCP without a password, and when no other clients are connected to this interface, attackers can execute arbitrary management commands, obtain sensitive information, or cause a denial of service (SIGTERM) by triggering XMLHttpRequest actions in a web browser. This is demonstrated by a multipart/form-data POST to http://localhost:23000 with a "signal SIGTERM" command in a TEXTAREA element. NOTE: The vendor disputes that this is a vulnerability. They state that this is the result of improper configuration of the OpenVPN instance rather than an intrinsic vulnerability, and now more explicitly warn against such configurations in both the management-interface documentation, and with a runtime warning. | |||||
| CVE-2017-17132 | 1 Huawei | 2 Vp9660, Vp9660 Firmware | 2018-03-27 | 2.1 LOW | 5.5 MEDIUM |
| Huawei VP9660 V500R002C10 has a uncontrolled format string vulnerability when the license module output the log information. An authenticated local attacker could exploit this vulnerability to cause a denial of service. | |||||
| CVE-2018-6317 | 1 Claymore Dual Miner Project | 1 Claymore Dual Miner | 2018-02-15 | 6.4 MEDIUM | 9.1 CRITICAL |
| The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an unauthenticated format string vulnerability, allowing remote attackers to read memory or cause a denial of service. | |||||
| CVE-2018-5704 | 2 Debian, Openocd | 2 Debian Linux, Open On-chip Debugger | 2018-02-09 | 9.3 HIGH | 9.6 CRITICAL |
| Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site. | |||||
| CVE-2012-2369 | 2 Cypherpunks, Pidgin | 2 Pidgin-otr, Pidgin | 2018-01-06 | 7.5 HIGH | N/A |
| Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbitrary code via format string specifiers in data that generates a log message. | |||||
| CVE-2012-0242 | 1 Advantech | 1 Advantech Webaccess | 2018-01-05 | 10.0 HIGH | N/A |
| Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via format string specifiers in a message string. | |||||
| CVE-2012-0809 | 1 Todd Miller | 1 Sudo | 2018-01-05 | 7.2 HIGH | N/A |
| Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to execute arbitrary code via format string sequences in the program name for sudo. | |||||
| CVE-2007-4550 | 1 Altools | 1 Alpass | 2017-11-16 | 5.1 MEDIUM | N/A |
| Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB (APW) file. | |||||
| CVE-2007-0344 | 1 Colloquy | 1 Colloquy | 2017-10-19 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in (1) _invitedToRoom: and (2) _invitedToDirectChat: in Colloquy 2.1 and earlier allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the channel name of an INVITE request, related to the implementation of AlertSheet and AlertPanel in Apple AppKit. | |||||
| CVE-2014-8170 | 2 Ovirt, Redhat | 2 Ovirt-node, Enterprise Virtualization | 2017-10-11 | 9.0 HIGH | 8.8 HIGH |
| ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, which allows remote authenticated users and physically proximate attackers to execute arbitrary commands via a ; (semicolon) in an input string. | |||||
| CVE-2007-2027 | 1 Elinks | 1 Elinks | 2017-10-11 | 4.4 MEDIUM | N/A |
| Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog (.po file) in a "../po" directory, which can be leveraged to conduct format string attacks. | |||||
| CVE-2007-1006 | 1 Ekiga | 1 Ekiga | 2017-10-11 | 10.0 HIGH | N/A |
| Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet. | |||||
| CVE-2007-0017 | 1 Videolan | 1 Vlc Media Player | 2017-10-11 | 6.8 MEDIUM | N/A |
| Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access/cdda/access.c in the CDDA (libcdda_plugin) plugin, and the (2) cdio_log_handler and (3) vcd_log_handler functions in modules/access/vcdx/access.c in the VCDX (libvcdx_plugin) plugin, in VideoLAN VLC 0.7.0 through 0.8.6 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an invalid URI, as demonstrated by a udp://-- URI in an M3U file. | |||||
| CVE-2008-6519 | 1 Imatix | 1 Xitami | 2017-09-29 | 10.0 HIGH | N/A |
| Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, and possibly other versions, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in a Long Running Web Process (LRWP) request, which triggers incorrect logging code involving the sendfmt function in the SMT kernel. | |||||
| CVE-2008-7074 | 1 Memcode | 1 I.scribe | 2017-09-29 | 9.3 HIGH | N/A |
| Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows remote SMTP servers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a server response, which is not properly handled "when displaying the signon message." | |||||
| CVE-2008-3734 | 1 Ipswitch | 2 Ws Ftp Home, Ws Ftp Pro | 2017-09-29 | 9.3 HIGH | N/A |
| Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and WS_FTP Professional 2007.1.0.0 allows remote FTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in a connection greeting (response). | |||||
| CVE-2008-1127 | 1 Crytek | 1 Crysis | 2017-09-29 | 6.0 MEDIUM | N/A |
| Format string vulnerability in the cryactio function in Crysis 1.1.1.5879 allows remote authenticated users to execute arbitrary code via format string specifiers in the user name, which is triggered when the game character is killed. | |||||
| CVE-2010-0743 | 2 Iscsitarget, Zaal | 2 Iscsitarget, Tgt | 2017-09-19 | 5.0 MEDIUM | N/A |
| Multiple format string vulnerabilities in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) 1.0.3, 0.9.5, and earlier and (2) iSCSI Enterprise Target (aka iscsitarget) 0.4.16 allow remote attackers to cause a denial of service (tgtd daemon crash) or possibly have unspecified other impact via vectors that involve the isns_attr_query and qry_rsp_handle functions, and are related to (a) client appearance and (b) client disappearance messages. | |||||
| CVE-2009-4775 | 1 Ipswitch | 1 Ws Ftp | 2017-09-19 | 4.3 MEDIUM | N/A |
| Format string vulnerability in Ipswitch WS_FTP Professional 12 before 12.2 allows remote attackers to cause a denial of service (crash) via format string specifiers in the status code portion of an HTTP response. | |||||
| CVE-2009-3663 | 1 Jasper | 1 Httpdx | 2017-09-19 | 10.0 HIGH | N/A |
| Format string vulnerability in the h_readrequest function in http.c in httpdx Web Server 1.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in the Host header. | |||||
| CVE-2015-8617 | 1 Php | 1 Php | 2017-09-10 | 10.0 HIGH | 9.8 CRITICAL |
| Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP 7.x before 7.0.1 allows remote attackers to execute arbitrary code via format string specifiers in a string that is misused as a class name, leading to incorrect error handling. | |||||
| CVE-2014-8625 | 1 Debian | 1 Dpkg | 2017-09-08 | 6.8 MEDIUM | N/A |
| Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name. | |||||
| CVE-2014-9157 | 2 Debian, Graphviz | 2 Debian Linux, Graphviz | 2017-09-08 | 7.5 HIGH | N/A |
| Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string. | |||||
| CVE-2016-1895 | 1 Netapp | 1 Data Ontap | 2017-09-06 | 4.0 MEDIUM | 6.5 MEDIUM |
| NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote authenticated users to cause a denial of service via vectors related to unsafe user input string handling. | |||||
| CVE-2013-6809 | 1 Philippe Jounin | 1 Tftpd32 | 2017-08-29 | 5.0 MEDIUM | N/A |
| Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field. | |||||
| CVE-2014-1683 | 1 Skybluecanvas | 1 Skybluecanvas | 2017-08-29 | 6.8 MEDIUM | N/A |
| The bashMail function in cms/data/skins/techjunkie/fragments/contacts/functions.php in SkyBlueCanvas CMS before 1.1 r248-04, when the pid parameter is 4, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) name, (2) email, (3) subject, or (4) message parameter to index.php. | |||||
| CVE-2013-4147 | 1 Yard Radius Project | 1 Yard Radius | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in Yet Another Radius Daemon (YARD RADIUS) 1.1.2 allow context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in a request in the (1) log_msg function in log.c or (2) version or (3) build_version function in version.c. | |||||
| CVE-2012-1152 | 1 Ingy | 1 Yaml\ | 2017-08-29 | 5.0 MEDIUM | N/A |
| Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML (aka YAML-LibYAML and perl-YAML-LibYAML) module 0.38 for Perl allow remote attackers to cause a denial of service (process crash) via format string specifiers in a (1) YAML stream to the Load function, (2) YAML node to the load_node function, (3) YAML mapping to the load_mapping function, or (4) YAML sequence to the load_sequence function. | |||||
| CVE-2012-3569 | 2 Microsoft, Vmware | 4 Windows, Ovf Tool, Player and 1 more | 2017-08-29 | 9.3 HIGH | N/A |
| Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Player 4.x before 4.0.5, and other products, allows user-assisted remote attackers to execute arbitrary code via a crafted OVF file. | |||||
| CVE-2012-2090 | 2 Flightgear, Simgear | 2 Flightgear, Simgear | 2017-08-29 | 9.3 HIGH | N/A |
| Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx. | |||||
| CVE-2012-1151 | 1 Perl | 1 Perl | 2017-08-29 | 5.0 MEDIUM | N/A |
| Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function. | |||||
| CVE-2011-4357 | 1 Brandon Long | 1 Clearsilver | 2017-08-29 | 7.5 HIGH | N/A |
| Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit (neo_cgi) module for Clearsilver 0.10.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are not properly handled when creating CGI error messages using the cgi_error API function. | |||||
| CVE-2011-1153 | 1 Php | 1 Php | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitrary code via format string specifiers in an argument to a class method, leading to an incorrect zend_throw_exception_ex call. | |||||
| CVE-2011-0270 | 1 Hp | 1 Openview Network Node Manager | 2017-08-17 | 10.0 HIGH | N/A |
| Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name. | |||||
| CVE-2010-0388 | 1 Sun | 1 Java System Web Server | 2017-08-17 | 7.5 HIGH | N/A |
| Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in the encoding attribute of the XML declaration in a PROPFIND request. | |||||
| CVE-2009-2191 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | 7.5 HIGH | N/A |
| Format string vulnerability in Login Window in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in an application name. | |||||
| CVE-2009-1886 | 1 Samba | 1 Samba | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename. | |||||
| CVE-2009-2916 | 1 2kgames | 1 Vietcong 2 | 2017-08-17 | 9.3 HIGH | N/A |
| Format string vulnerability in the CNS_AddTxt function in logs.dll in 2K Games Vietcong 2 1.10 and earlier might allow remote attackers to execute arbitrary code via format string specifiers in the nickname. | |||||
| CVE-2008-7159 | 1 Silcnet | 1 Silc Toolkit | 2017-08-17 | 5.8 MEDIUM | N/A |
| The silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.8 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted OID value, related to incorrect use of a %lu format string. | |||||
| CVE-2008-6395 | 1 3com | 1 Wireless 8760 Dual-radio | 2017-08-17 | 7.8 HIGH | N/A |
| The web management interface in 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point allows remote attackers to cause a denial of service (device crash) via a malformed HTTP POST request. | |||||
| CVE-2008-6520 | 1 Imatix | 1 Xitami | 2017-08-17 | 10.0 HIGH | N/A |
| Multiple format string vulnerabilities in the SSI filter in Xitami Web Server 2.5c2, and possibly other versions, allow remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in a URI that ends in (1) .ssi, (2) .shtm, or (3) .shtml, which triggers incorrect logging code involving the sendfmt function in the SMT kernel. | |||||
| CVE-2017-12588 | 1 Rsyslog | 1 Rsyslog | 2017-08-14 | 7.5 HIGH | 9.8 CRITICAL |
| The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact. | |||||
| CVE-2008-3940 | 1 Hp | 1 Openvms | 2017-08-08 | 4.4 MEDIUM | N/A |
| Format string vulnerability in the finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to gain privileges via format string specifiers in a (1) .plan or (2) .project file. | |||||
| CVE-2008-3533 | 1 Gnome | 2 Gnome, Yelp | 2017-08-08 | 10.0 HIGH | N/A |
| Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within (1) man or (2) ghelp URI handlers in Firefox, Evolution, and unspecified other programs. | |||||
| CVE-2008-1658 | 1 Freedesktop | 1 Policykit | 2017-08-08 | 4.6 MEDIUM | N/A |
| Format string vulnerability in the grant helper (polkit-grant-helper.c) in PolicyKit 0.7 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password. | |||||
| CVE-2008-2310 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 6.8 MEDIUM | N/A |
| Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string in (1) C++ or (2) Java source code. | |||||
| CVE-2007-6625 | 1 Novell | 1 Identity Manager | 2017-08-08 | 5.0 MEDIUM | N/A |
| The Platform Service Process (asampsp) in Fan-Out Driver Platform Services for Novell Identity Manager (IDM) 3.5.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified network traffic that triggers a syslog message containing invalid format string specifiers, as demonstrated by a Nessus scan. | |||||
| CVE-2008-1206 | 1 Linux Kiss Server | 1 Linux Kiss Server | 2017-08-08 | 6.8 MEDIUM | N/A |
| Format string vulnerability in the log_message function in lks.c in Linux Kiss Server 1.2, when background (daemon) mode is disabled, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in an invalid command. | |||||
| CVE-2008-0989 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 6.9 MEDIUM | N/A |
| Format string vulnerability in mDNSResponderHelper in Apple Mac OS X 10.5.2 allows local users to execute arbitrary code via format string specifiers in the local hostname. | |||||
| CVE-2008-0963 | 1 Emc | 1 Diskxtender | 2017-08-08 | 9.0 HIGH | N/A |
| Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface. | |||||