Vulnerabilities > Use of Externally-Controlled Format String
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-06 | CVE-2021-25489 | Use of Externally-Controlled Format String vulnerability in Google Android Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic. | 4.9 |
| 2021-09-09 | CVE-2021-36161 | Use of Externally-Controlled Format String vulnerability in Apache Dubbo Some component in Dubbo will try to print the formated string of the input arguments, which will possibly cause RCE for a maliciously customized bean with special toString method. | 7.5 |
| 2021-08-25 | CVE-2021-33886 | Use of Externally-Controlled Format String vulnerability in Bbraun Spacecom2 An improper sanitization of input vulnerability in B. | 5.8 |
| 2021-07-22 | CVE-2021-32785 | Use of Externally-Controlled Format String vulnerability in multiple products mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. | 7.5 |
| 2021-07-05 | CVE-2021-35331 | Use of Externally-Controlled Format String vulnerability in TCL 8.6.11 In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. | 7.8 |
| 2021-06-25 | CVE-2021-33535 | Use of Externally-Controlled Format String vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string vulnerability exists in the iw_console conio_writestr functionality. | 6.5 |
| 2021-06-01 | CVE-2021-29740 | Use of Externally-Controlled Format String vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is affected by a format string security vulnerability. | 7.2 |
| 2021-05-18 | CVE-2021-30145 | Use of Externally-Controlled Format String vulnerability in MPV A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file. | 6.8 |
| 2021-04-14 | CVE-2020-36323 | Use of Externally-Controlled Format String vulnerability in multiple products In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked. | 8.2 |
| 2021-04-05 | CVE-2021-20307 | Use of Externally-Controlled Format String vulnerability in multiple products Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and earlier can lead to read and write arbitrary memory values. | 9.8 |