Vulnerabilities > Use of Externally-Controlled Format String

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2023-05-01 | CVE-2023-22923 | Use of Externally-Controlled Format String vulnerability in Zyxel Nbg-418N Firmware 1.00(Aadz.3)C0/1.00(Aarp.10)C0/1.00(Aarp.13)C0 | A format string vulnerability in a binary of the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote authenticated attacker to cause denial-of-service (DoS) conditions on an affected device. | network / low complexity / zyxel CWE-134 / 6.5 |
| 2023-05-01 | CVE-2023-25492 | Use of Externally-Controlled Format String vulnerability in Lenovo products | A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API. | network / low complexity / lenovo CWE-134 / 8.8 |
| 2023-03-29 | CVE-2022-43619 | Use of Externally-Controlled Format String vulnerability in Dlink Dir-1935 Firmware 1.03 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. | low complexity / dlink CWE-134 / 6.8 |
| 2023-02-16 | CVE-2023-23783 | Use of Externally-Controlled Format String vulnerability in Fortinet Fortiweb | A use of externally-controlled format string in Fortinet FortiWeb version 7.0.0 through 7.0.1, FortiWeb 6.4 all versions allows an attacker to execute unauthorized code or commands via specially crafted command arguments. | local / low complexity / fortinet CWE-134 / 7.8 |
| 2023-02-09 | CVE-2023-21420 | Use of Externally-Controlled Format String vulnerability in Samsung Android 10.0/11.0 | Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allow arbitrary code execution. | local / low complexity / samsung CWE-134 / 7.8 |
| 2022-12-21 | CVE-2022-4639 | Use of Externally-Controlled Format String vulnerability in Sslh Project Sslh 2.0 | A vulnerability, which was classified as critical, has been found in sslh. | network / low complexity / sslh-project CWE-134 / critical / 9.8 |
| 2022-12-19 | CVE-2020-36619 | Use of Externally-Controlled Format String vulnerability in Multimon-Ng Project Multimon-Ng | A vulnerability was found in multimon-ng. | network / low complexity / multimon-ng-project CWE-134 / critical / 9.8 |
| 2022-12-09 | CVE-2022-3724 | Use of Externally-Controlled Format String vulnerability in Wireshark | Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows. | network / low complexity / wireshark CWE-134 / 7.5 |
| 2022-11-04 | CVE-2022-3023 | Use of Externally-Controlled Format String vulnerability in Pingcap Tidb | Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3. | network / low complexity / pingcap CWE-134 / critical / 9.8 |
| 2022-10-25 | CVE-2022-35244 | Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z | A format string injection vulnerability exists in the XCMD getVarHA functionality of abode systems, inc. | network / low complexity / goabode CWE-134 / critical / 9.8 |