Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-134 (使用外部控制的格式字符串) — Vulnerability Class 110

110 vulnerabilities classified as CWE-134 (使用外部控制的格式字符串). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-6843 Nano: nano: format string vulnerability leads to denial of service — Red Hat Enterprise Linux 10 5.5 Medium2026-04-22
CVE-2026-3509 CODESYS Control Audit Log Format String DoS — CODESYS Control RTE (SL) 7.5 High2026-03-24
CVE-2026-33210 Ruby JSON has a format string injection vulnerability — json 8.2 -2026-03-20
CVE-2025-68648 Fortinet多款产品 格式化字符串错误漏洞 — FortiManager Cloud 6.5 High2026-03-10
CVE-2026-0400 SonicWALL SonicOS 安全漏洞 — SonicOS 6.5AIMediumAI2026-02-24
CVE-2025-30269 Qsync Central — Qsync Central 8.2 -2026-02-11
CVE-2025-64157 Fortinet FortiOS 格式化字符串错误漏洞 — FortiOS 6.7 Medium2026-02-10
CVE-2025-68949 n8n has a Webhook Node IP Whitelist Bypass via Partial String Matching — n8n 5.3 Medium2026-01-13
CVE-2026-22190 Panda3D <= 1.10.16 egg-mkfont Format String Information Disclosure — Panda3D 5.5 -2026-01-07
CVE-2025-53591 QTS, QuTS hero — QTS 6.5 -2026-01-02
CVE-2023-53966 SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow — SOUND4 LinkAndShare Transmitter 9.8 Critical2025-12-22
CVE-2025-48826 Planet WGR-500 安全漏洞 — WGR-500 8.8 High2025-10-07
CVE-2025-53407 QTS, QuTS hero — QTS 6.5 -2025-10-03
CVE-2025-53406 QTS, QuTS hero — QTS 6.5 -2025-10-03
CVE-2025-52429 QTS, QuTS hero — QTS 6.5 -2025-10-03
CVE-2025-48730 QTS, QuTS hero — QTS 6.5 -2025-10-03
CVE-2025-36202 IBM webMethods Integration code execution — webMethods Integration 7.5 High2025-09-22
CVE-2011-10029 Solar FTP Server <= 2.1.1 Malformed USER Denial of Service — Solar FTP Server 7.5AIHighAI2025-08-20
CVE-2012-10055 ComSndFTP v1.3.7 Beta USER Format String RCE — FTP Server 9.8AICriticalAI2025-08-13
CVE-2025-40600 SonicWALL SonicOS SSLVPN 格式化字符串错误漏洞 — SonicOS 7.5AIHighAI2025-07-29
CVE-2025-22482 Qsync Central — Qsync Central 7.1AIHighAI2025-06-06
CVE-2025-48388 FreeScout Has Insufficient Protection Against CRLF-injection — freescout 4.3AIMediumAI2025-05-29
CVE-2024-45324 Fortinet FortiOS 格式化字符串错误漏洞 — FortiPAM 7.0 High2025-03-11
CVE-2023-40721 Fortinet FortiOS,FortiProxy和FortiPAM 格式化字符串错误漏洞 — FortiPAM 6.3 Medium2025-02-11
CVE-2025-24359 ASTEVAL Vulnerable to Maliciously Crafted Format Strings Leading to Sandbox Escape — asteval 8.4 High2025-01-24
CVE-2024-12805 SonicWALL SonicOS 安全漏洞 — SonicOS 8.8 -2025-01-09
CVE-2024-50403 QTS, QuTS hero — QTS 6.5 -2024-12-06
CVE-2024-50402 QTS, QuTS hero — QTS 6.5 -2024-12-06
CVE-2024-42330 JS - Internal strings in HTTP headers — Zabbix 9.1 Critical2024-11-27
CVE-2024-50396 QTS, QuTS hero — QTS 9.1 -2024-11-22

Vulnerabilities classified as CWE-134 (使用外部控制的格式字符串) represent 110 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.