Vulnerabilities > Use of Externally-Controlled Format String
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-22 | CVE-2021-32785 | Use of Externally-Controlled Format String vulnerability in multiple products mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. | 7.5 |
| 2021-07-05 | CVE-2021-35331 | Use of Externally-Controlled Format String vulnerability in TCL 8.6.11 In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. | 7.8 |
| 2021-06-25 | CVE-2021-33535 | Use of Externally-Controlled Format String vulnerability in Weidmueller products In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string vulnerability exists in the iw_console conio_writestr functionality. | 8.8 |
| 2021-06-01 | CVE-2021-29740 | Use of Externally-Controlled Format String vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is affected by a format string security vulnerability. | 7.8 |
| 2021-05-18 | CVE-2021-30145 | Use of Externally-Controlled Format String vulnerability in MPV A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file. | 7.8 |
| 2021-04-14 | CVE-2020-36323 | Use of Externally-Controlled Format String vulnerability in multiple products In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked. | 8.2 |
| 2021-04-05 | CVE-2021-20307 | Use of Externally-Controlled Format String vulnerability in multiple products Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and earlier can lead to read and write arbitrary memory values. | 9.8 |
| 2021-01-14 | CVE-2020-29018 | Use of Externally-Controlled Format String vulnerability in Fortinet Fortiweb A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote attacker to read the content of memory and retrieve sensitive data via the redir parameter. | 8.8 |
| 2020-12-31 | CVE-2020-35869 | Use of Externally-Controlled Format String vulnerability in Rusqlite Project Rusqlite An issue was discovered in the rusqlite crate before 0.23.0 for Rust. | 9.8 |
| 2020-11-11 | CVE-2020-27524 | Use of Externally-Controlled Format String vulnerability in Audi MMI Multiplayer N+Rcnaup0395 On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version (N+R_CN_AU_P0395) mishandles %x and %s format string specifiers in a device name. | 7.1 |