Total
368 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-6285 | 1 Cisco | 1 Email Security Appliance | 2025-04-12 | N/A |
| Format string vulnerability in Cisco Email Security Appliance (ESA) 7.6.0 and 8.0.0 allows remote attackers to cause a denial of service (memory overwrite or service outage) via format string specifiers in an HTTP request, aka Bug ID CSCug21497. | ||||
| CVE-2014-2490 | 4 Debian, Hp, Oracle and 1 more | 6 Debian Linux, Hp-ux, Jdk and 3 more | 2025-04-12 | N/A |
| Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||||
| CVE-2014-8625 | 1 Debian | 1 Dpkg | 2025-04-12 | N/A |
| Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name. | ||||
| CVE-2015-8617 | 1 Php | 1 Php | 2025-04-12 | N/A |
| Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP 7.x before 7.0.1 allows remote attackers to execute arbitrary code via format string specifiers in a string that is misused as a class name, leading to incorrect error handling. | ||||
| CVE-2009-5141 | 1 Jgaa | 1 Warftpd | 2025-04-12 | N/A |
| Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 allows remote authenticated users to cause a denial of service (crash) via format string specifiers in a LIST command. | ||||
| CVE-2014-9157 | 2 Debian, Graphviz | 2 Debian Linux, Graphviz | 2025-04-12 | N/A |
| Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string. | ||||
| CVE-2016-4071 | 3 Apple, Php, Redhat | 3 Mac Os X, Php, Rhel Software Collections | 2025-04-12 | N/A |
| Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call. | ||||
| CVE-2012-2090 | 2 Flightgear, Simgear | 2 Flightgear, Simgear | 2025-04-11 | N/A |
| Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx. | ||||
| CVE-2012-1151 | 2 Perl, Redhat | 2 Perl, Enterprise Linux | 2025-04-11 | N/A |
| Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function. | ||||
| CVE-2012-0809 | 1 Todd Miller | 1 Sudo | 2025-04-11 | N/A |
| Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to execute arbitrary code via format string sequences in the program name for sudo. | ||||
| CVE-2012-0242 | 1 Advantech | 1 Advantech Webaccess | 2025-04-11 | N/A |
| Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via format string specifiers in a message string. | ||||
| CVE-2011-4930 | 3 Condor Project, Fedoraproject, Redhat | 3 Condor, Fedora, Enterprise Mrg | 2025-04-11 | N/A |
| Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors. | ||||
| CVE-2013-4389 | 4 Debian, Opensuse, Redhat and 1 more | 4 Debian Linux, Opensuse, Cloudforms Managementengine and 1 more | 2025-04-11 | N/A |
| Multiple format string vulnerabilities in log_subscriber.rb files in the log subscriber component in Action Mailer in Ruby on Rails 3.x before 3.2.15 allow remote attackers to cause a denial of service via a crafted e-mail address that is improperly handled during construction of a log message. | ||||
| CVE-2011-1568 | 1 7t | 1 Igss | 2025-04-11 | N/A |
| Format string vulnerability in the logText function in shmemmgr9.dll in IGSSdataServer.exe 9.00.00.11074, and 9.00.00.11063 and earlier, in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated using the RMS Reports Delete command, related to the logging of messages to GSST.LOG. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2013-4258 | 1 Radscan | 1 Network Audio System | 2025-04-11 | N/A |
| Format string vulnerability in the osLogMsg function in server/os/aulog.c in Network Audio System (NAS) 1.9.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in unspecified vectors, related to syslog. | ||||
| CVE-2011-0185 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Format string vulnerability in the debug-logging feature in Application Firewall in Apple Mac OS X before 10.7.2 allows local users to gain privileges via a crafted name of an executable file. | ||||
| CVE-2010-4235 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2025-04-11 | N/A |
| Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via vectors related to the x-wap-profile HTTP header. | ||||
| CVE-2010-1376 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Multiple format string vulnerabilities in Network Authorization in Apple Mac OS X 10.6 before 10.6.4 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) afp, (2) cifs, or (3) smb URL. | ||||
| CVE-2012-1152 | 1 Ingy | 1 Yaml\ | 2025-04-11 | N/A |
| Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML (aka YAML-LibYAML and perl-YAML-LibYAML) module 0.38 for Perl allow remote attackers to cause a denial of service (process crash) via format string specifiers in a (1) YAML stream to the Load function, (2) YAML node to the load_node function, (3) YAML mapping to the load_mapping function, or (4) YAML sequence to the load_sequence function. | ||||
| CVE-2009-4014 | 1 Debian | 1 Lintian | 2025-04-11 | N/A |
| Multiple format string vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to have an unspecified impact via vectors involving (1) check scripts and (2) the Lintian::Schedule module. | ||||