CWE-134

High likelihood

Use of Externally-Controlled Format String

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

379 vulnerabilities with CWE-134
CVE-2023-45583 MEDIUM
Fortinet Fortiproxy < 7.0.12 - Format String Vulnerability
CVSS 6.7
CVE-2023-36640 MEDIUM
Fortinet FortiProxy <7.2.5 - Code Injection
CVSS 6.7
CVE-2023-48784 MEDIUM
FortiOS <7.4.1, <7.2.7, All 6.4 - Code Injection
CVSS 6.7
CVE-2023-41842 MEDIUM
Fortinet Fortianalyzer < 7.0.10 - Format String Vulnerability
CVSS 6.7
CVE-2023-29181 HIGH
Fortinet FortiOS <7.2.4 - RCE
CVSS 8.8
CVE-2023-6764 HIGH
Zyxel Atp100 Firmware < 5.37 - Format String Vulnerability
CVSS 8.1
CVE-2023-6399 MEDIUM
Zyxel ATP-USG FLEX- USG20-W-H <5.37.1 - DoS
CVSS 5.7
CVE-2023-24590 HIGH
Gallagher Controller 6000 <8.60.231116a - Use After Free
CVSS 7.5
CVE-2023-36639 HIGH
Fortinet FortiProxy <7.2.4 - RCE
CVSS 7.2
CVE-2023-48221 HIGH
Wire Audio, Video, And Signaling - Format String Vulnerability
CVSS 7.3
CVE-2023-5746 CRITICAL
Synology Bc500 Firmware < 1.0.5-0185 - Format String Vulnerability
CVSS 9.8
CVE-2023-41349 HIGH
ASUS router RT-AX88U - Format String Attack
CVSS 8.8
CVE-2023-39240 HIGH
Asus Rt-ax55 Firmware - Format String Vulnerability
CVSS 7.2
CVE-2023-39239 HIGH
Asus Rt-ax55 Firmware - Format String Vulnerability
CVSS 7.2
CVE-2023-39238 HIGH
Asus Rt-ax55 Firmware - Format String Vulnerability
CVSS 7.2
CVE-2023-4746 HIGH
Totolink N200re-v5 Firmware - Format String Vulnerability
CVSS 8.8
CVE-2023-35087 CRITICAL
Asus Rt-ac86u Firmware - Format String Vulnerability
CVSS 9.8
CVE-2023-35086 HIGH
Asus Rt-ac86u Firmware - Format String Vulnerability
CVSS 7.2
CVE-2023-33011 HIGH
Zyxel Usg 2200-vpn Firmware < 5.37 - Format String Vulnerability
CVSS 8.8
CVE-2023-2186 HIGH
Triangle MicroWorks' SCADA Data Gateway <= v5.01.03 - Info Disclosu...
CVSS 8.2
CVE-2023-21497 MEDIUM
Samsung Android - Format String Vulnerability
CVSS 4.4
CVE-2023-22923 MEDIUM
Zyxel Nbg-418n Firmware - Format String Vulnerability
CVSS 6.5
CVE-2023-25492 MEDIUM
Lenovo Thinkagile Hx5530 Firmware - Format String Vulnerability
CVSS 6.3
CVE-2023-25815 LOW
Git For Windows < 2.40.1 - Path Traversal
CVSS 3.3
CVE-2023-23783 MEDIUM
Fortinet Fortiweb < 6.4.2 - Format String Vulnerability
CVSS 6.7
Details
Vulnerabilities 379
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits