Vulnerabilities > Use of Externally-Controlled Format String
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-12 | CVE-2022-43869 | Use of Externally-Controlled Format String vulnerability in IBM Elastic Storage System and Spectrum Scale IBM Spectrum Scale (5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1) and IBM Elastic Storage System (6.1.0.0 through 6.1.2.4 and 6.1.3.0 through 6.1.4.1) could allow an authenticated user to cause a denial of service through the GUI using a format string attack. | 6.5 |
| 2023-02-09 | CVE-2023-21420 | Use of Externally-Controlled Format String vulnerability in Samsung Android 10.0/11.0 Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution. | 7.8 |
| 2023-02-01 | CVE-2023-22374 | Use of Externally-Controlled Format String vulnerability in F5 products A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. | 8.5 |
| 2022-12-21 | CVE-2022-4639 | Use of Externally-Controlled Format String vulnerability in Sslh Project Sslh 2.0 A vulnerability, which was classified as critical, has been found in sslh. | 9.8 |
| 2022-12-19 | CVE-2020-36619 | Use of Externally-Controlled Format String vulnerability in Multimon-Ng Project Multimon-Ng A vulnerability was found in multimon-ng. | 9.8 |
| 2022-12-09 | CVE-2022-3724 | Use of Externally-Controlled Format String vulnerability in Wireshark Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows | 7.5 |
| 2022-11-04 | CVE-2022-3023 | Use of Externally-Controlled Format String vulnerability in Pingcap Tidb Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3. | 9.8 |
| 2022-10-25 | CVE-2022-33938 | Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z A format string injection vulnerability exists in the ghome_process_control_packet functionality of Abode Systems, Inc. | 9.8 |
| 2022-10-25 | CVE-2022-35244 | Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z A format string injection vulnerability exists in the XCMD getVarHA functionality of abode systems, inc. | 9.8 |
| 2022-10-25 | CVE-2022-35874 | Use of Externally-Controlled Format String vulnerability in Goabode Iota All-In-One Security KIT Firmware 6.9X/6.9Z Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. | 9.8 |