CVE-2019-14410

LOW Year: 2019
CVSS v3 Score
3.3
Low
CVSS v2 Score
2.1
Low
Weakness Type
CWE-134
View all →

Vulnerability Description

Maketext in cPanel before 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472).

Related Vulnerabilities

CVE-2019-14412

LOW
CVSS:3.3(Low)

Maketext in cPanel before 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAPI (SEC-474).

CWE-1342019

CVE-2021-34970

LOW
CVSS:3.3(Low)

Foxit PDF Reader print Method Use of Externally-Controlled Format String Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected ...

CWE-1342021

CVE-2020-16142

LOW
CVSS:3.5(Low)

On Mercedes-Benz C Class AMG Premium Plus c220 BlueTec vehicles, the Bluetooth stack mishandles %x and %c format-string specifiers in a device name in the COMAND infotainment software.

CWE-1342020

CVE-2022-3023

MEDIUM
CVSS:4.2(Medium)

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3.

CWE-1342022

CVE-2017-5524

MEDIUM
CVSS:4.3(Medium)

Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method.

CWE-1342017

CVE-2017-7519

MEDIUM
CVSS:4.4(Medium)

In Ceph, a format string flaw was found in the way libradosstriper parses input from user. A user could crash an application or service using the libradosstriper library.

CWE-1342017