CVE Daily
← All tags

Tag: Format String Vulnerability

All CVEs associated with "Format String Vulnerability". Page 1/1 • 11 CVEs.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2025-08-16
Low

CVE-2025-38539

In the Linux kernel, the following vulnerability has been resolved: tracing: Add down_write(trace_event_sem) when adding trace event When a module is loaded, it adds trace events defined by the mod…

CVSS: N/A CWE: N/A
Read more
Low

CVE-2025-38528

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject %p% format string in bprintf-like helpers static const char fmt[] = "%p%"; bpf_trace_printk(fmt, sizeof(fmt)); T…

CVSS: N/A CWE: N/A
Read more
2025-08-13
Critical

CVE-2012-10055

ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending a specially crafted username containing format specifiers, a remote atta…

CVSS: 9.3 CWE: CWE-134
Read more
2025-07-29
Critical

CVE-2025-40600

Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.

CVSS: 9.8 CWE: CWE-134
Read more
2025-07-21
High

CVE-2025-46123

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where the authenticated configuration endpoint `/a…

CVSS: 7.2 CWE: CWE-134
Read more
Critical

CVE-2025-46121

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions `stamgr_cfg_adpt_addStaFavourite` and `stamgr_cfg_adpt_addStaIot` pass a client…

CVSS: 9.8 CWE: CWE-134
Read more
2025-07-14
Low

CVE-2025-53014

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the `InterpretImageFilename` func…

CVSS: 3.7 CWE: CWE-125
Read more
2025-03-20
High

CVE-2025-1040

AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection (SSTI) that could lead to Remote Code Execution (RCE). The vulnerability arises from the improper handling of use…

CVSS: 8.8 CWE: CWE-77
Read more
2025-03-11
High

CVE-2024-45324

A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.0 through 7.4.4, version 7.2.0 through 7.2.9, version 7.0.0 through 7.0.15 and before 6.4.15, FortiProxy ve…

CVSS: 7.2 CWE: CWE-134
Read more
2025-02-11
Medium

CVE-2023-40721

A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiOS version 7.4.0 through 7.4.1 and before 7.2.6, FortiProxy version 7.4.0 and before 7.2.7, FortiPAM version 1.1.…

CVSS: 6.7 CWE: CWE-134
Read more
2024-05-07
Medium

CVE-2021-34970

Foxit PDF Reader print Method Use of Externally-Controlled Format String Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected…

CVSS: 5.5 CWE: CWE-134
Read more