CWE-134

Exploit likelihood: High

Use of Externally-Controlled Format String

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

387 vulnerabilities with CWE-134
CVE-2021-28846 MEDIUM
TRENDnet TEW-755AP/755AP2KAC/821DAP2KAC/825DAP 1.11B03 - Denial of Service via Format String in apply_cgi
CVSS 6.5
CVE-2021-32785 MEDIUM
Apache 2.x <2.4.9 - Command Injection
CVSS 5.3
CVE-2021-35331 HIGH
Tcl 8.6.11 - Use-After-Free in nmakehlp.c
CVSS 7.8
CVE-2021-33535 HIGH
Weidmueller Industrial WLAN Devices < 1.16.18 - Authenticated Remote Code Execution via Time Server Buffer Overflow
CVSS 8.8
CVE-2021-29740 HIGH
IBM Spectrum Scale 5.0.0-5.0.5.6 and 5.1.0-5.1.0.3 - Format String Vulnerability
CVSS 7.8
CVE-2021-30145 HIGH
mpv <=0.33.0 - Code Execution via Crafted m3u Playlist
CVSS 7.8
CVE-2021-20307 CRITICAL
libpano13 < 2.9.19 - Format String Vulnerability in panoFileOutputNamesCreate()
CVSS 9.8
CVE-2020-36619 MEDIUM
multimon-ng < 1.2.0 - Format String Vulnerability in demod_flex.c add_ch Function
CVSS 5.5
CVE-2020-36323 HIGH
Rust < 1.52.0 - Use-After-Free via String Join Optimization
CVSS 8.2
CVE-2020-29018 HIGH
FortiWeb 6.3.0-6.3.5 - Authenticated Format String Injection via Redir Parameter
CVSS 8.8
CVE-2020-35869 CRITICAL
rusqlite < 0.23.0 - Use of Externally-Controlled Format String in Trace Log
CVSS 9.8
CVE-2020-27524 HIGH
Audi A7 MMI <N+R_CN_AU_P0395 - Info Disclosure
CVSS 7.1
CVE-2020-27523 HIGH
Solstice-Pod < 5.0.2 - Unauthenticated Denial of Service via Format String in WEBRTC Parameters
CVSS 7.5
CVE-2020-27853 CRITICAL
Wire < 3.21.2936/3.21.3932/3.21.3959, 5.3-6.3, < 3.49.918, < 3.61 - RCE via SDP Media Attribute Format String
CVSS 9.8
CVE-2020-15203 HIGH
Tensorflow <2.3.1 - Memory Corruption
CVSS 7.5
CVE-2020-16142 LOW
Mercedes-Benz COMAND - Format String Injection via Bluetooth Device Name
CVSS 3.5
CVE-2020-15634 MEDIUM
NETGEAR R6700 Firmware < 1.0.4.98 - Unauthenticated Remote Code Execution via String Table File Upload
CVSS 6.3
CVE-2020-13160 CRITICAL
AnyDesk < 5.5.3 - Remote Code Execution via Format String Vulnerability
CVSS 9.8
CVE-2020-1992 HIGH
PAN-OS 9.0.0-9.0.6 - Use-After-Free in Varrcvr Daemon via WildFire Log Forwarding
CVSS 8.1
CVE-2020-1979 HIGH
PAN-OS < 8.1.13 - Remote Code Execution via Format String in Log Daemon
CVSS 8.1
CVE-2020-3118 HIGH KEV
Cisco IOS XR >=6.6.0 <6.6.12 - Unauthenticated Remote Code Execution via Cisco Discovery Protocol Format String
CVSS 8.8
CVE-2019-5143 HIGH
Moxa AWK-3131A Firmware 1.13 - Authenticated Remote Code Execution via Format String in iw_console conio_writestr
CVSS 8.8
CVE-2019-11287 HIGH
RabbitMQ 3.7.0-3.7.20 and 3.8.0 - Denial of Service via X-Reason HTTP Header Format String
CVSS 7.5
CVE-2019-18420 MEDIUM
Xen < 4.12.1 - Denial of Service via VCPUOP_initialise Hypercall Format String
CVSS 6.5
CVE-2019-13318 MEDIUM
Foxit Reader < 9.5.0.20723 and PhantomPDF < 8.3.10.42705 - Information Disclosure via util.printf Format String
CVSS 5.5